| ID | Name |
|---|---|
| ATAGS-T1012.001 | Business Relationships |
| ATAGS-T1012.002 | Hardware Recon |
| ATAGS-T1012.003 | Known Vulnerabilities |
| ATAGS-T1012.004 | Software Recon |
Threat actors may gather information about vulnerabilities that can be used for future campaigns or to perpetuate other techniques. A vulnerability is a weakness in the victim spacecraft's hardware, subsystems, bus, or software that can, potentially, be exploited by a threat actor to cause unintended or unanticipated behavior to occur. During reconnaissance as threat actors identify the types/versions of software (i.e., COTS, open-source) being used, they will look for well-known vulnerabilities that could affect the spacecraft. Threat actors may find vulnerability information by searching leaked documents, vulnerability databases/scanners, compromising ground systems, and searching through online databases.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.