Description
Adversaries may manipulate access tokens to gain higher privileges in telecom systems.
Sub-techniques
Specific variations of this technique
MOT3028.301OAuth Token Manipulation
4G
5G-SA: Demonstrated
Adversaries may manipulate OAuth tokens used in modern telecom APIs to gain higher privileges.
MOT3028.302JWT Manipulation
5G-SA: Demonstrated
Adversaries may manipulate JSON Web Tokens (JWTs) used in 5G service-based interfaces to gain higher privileges.
Related Software
Software tools associated with this technique
No related software found
Network Generations
Mobile network generations this technique applies to
2G
Not Applicable
3G
Not Applicable
4G
Used
5G-SA
Demonstrated
5G-NSA
Not Applicable