commoncriteria / sdn-controller

Protection Profile for Software Defined Networking Controllers
The Unlicense

Attacker Access: Firmware #9

Open erahn opened 5 months ago

erahn commented 5 months ago

A missing attacker ability is: "The attacker can arbitrarily modify firmware or images being sent as updates to the SDN controller, prior to their being loaded. The attacker lacks the ability to forge cryptographic signatures on these modified firmware or images."

hubertdcruze commented 5 months ago

Oh yes, a good point. An attacker could potentially arbitrarily modify firmware or images, especially if proper security measures are not in place. The type of attack could be a MitM attack or a supply chain attack, which may involve intercepting and altering communications between the source of the updates (e.g., software vendor) and the destination (e.g., SDN controller) to introduce malicious code or vulnerabilities. The success of such an attack could be due to a lack of encryption, weak authentication, or insecure update mechanisms, or it could be that infrastructure involved in the distribution or delivery of updates is compromised.