If containers or hypervisors are used, an attacker could overcome the container fences and gain access to the host system. Separations between applications may be defeated, and malicious operations could affect other functionalities. This attack can leverage common utilities, schedulers, shared memory, or vulnerabilities. [1]
"Gaining access to the host may provide the adversary with the opportunity to achieve follow-on objectives, such as establishing persistence, moving laterally within the environment, or setting up a command-and-control channel on the host." [2]
| ID | Mitigation | Description |
|---|---|---|
| M2064 | Detection techniques of exploitation attempts | |
| M2063 | Patching to the latest available software version |