Threat Actors may use Patch System Image to hard code a password in the operating system, thus bypassing of native authentication mechanisms for local accounts on network devices.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.