Mobile Threat Catalogue

Hardware Component Substitution During Transfer


Threat Category: Supply Chain


Threat Description: An adversary with access to production component supplier shipping channels during transfer of system components can substitute a maliciously altered hardware component for a tested and approved component.1

Threat Origin

Supply Chain Attack Framework and Attack Patterns 1

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


Test systems that contain newly integrated or updated components to detect incorrect function or anomalous behavior prior to production use


  1. J.F. Miller, “Supply Chain Attack Framework and Attack Patterns”, tech. report, MITRE, Dec. 2013;  2