216.73.217.64

T0819: Exploit Public-Facing Application

View on MITRE ATT&CK The MITRE Corporation · Published 21/05/2020 19:43 · Modified 27/03/2026 01:44

Essential information

MITRE technique ID
T0819
Confidence
100/100
Revoked
No
Published
21/05/2020 19:43
Modified
27/03/2026 01:44
Author / Source
The MITRE Corporation

Description

Adversaries may leverage weaknesses to exploit internet-facing software for initial access into an industrial network. Internet-facing software may be user applications, underlying networking implementations, an assets operating system, weak defenses, etc. Targets of this technique may be intentionally exposed for the purpose of remote management and visibility. An adversary may seek to target public-facing applications as they may provide direct access into an ICS environment or the ability to move into the ICS network. Publicly exposed applications may be found through online tools that scan the internet for open ports and services. Version numbers for the exposed application may provide adversaries an ability to target specific known vulnerabilities. Exposed control protocol or remote access ports found in Commonly Used Port may be of interest by adversaries.

Kill chain phases

Kill chainPhase
mitre-ics-attack initial-access

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references