Refers to the deliberate introduction of faults into a vehicle's hardware components to exploit vulnerabilities and escalate privileges. This technique manipulates the hardware's normal operations, potentially granting attackers unauthorized access or control over vehicle systems.

Attackers exploit a vulnerability in the operating system (OS) to gain higher permissions or privileges on a computer system. This could be a security hole, a software malfunction or unexpected behavior in the operating system. The attacker develops an exploit that is specifically tailored to the identified vulnerability. Once executed, the attacker can gain access to system resources, administrative accounts, or other sensitive information.

Attackers use this technique to gain higher privileges on a computer system by exploiting a vulnerability in application software. The attacker looks for vulnerabilities in application software installed on the target system. This could be a security vulnerability in any application such as web browsers, office programs, PDF viewers or other software. After the vulnerability is identified, the attacker develops a special "exploit" that targets the vulnerability. The attacker executes the exploit on the target system using the application affected by the vulnerability.

Malicious alteration of the \acf{tee} in a vehicle's system. By tampering with the TEE, adversaries can maintain persistent unauthorized access or control, potentially compromising the secure execution of critical vehicle functions.

Users are tricked into taking actions using social engineering that result in the execution of malware or other malicious activities. Users are manipulated through phishing, vishing (voice phishing) or other forms of interaction.

Attackers use the task scheduling feature to execute malicious code, either as a one-time event or at recurring intervals. Task scheduling is used to achieve persistence by running programs at system startup or on a schedule. It can also allow them to run processes using specific user account contexts, perhaps with elevated privileges.

Adversaries use the native OS application programming interface (API) to perform various actions. Native APIs allow controlled access to low-level OS services, including hardware, memory, and processes. These APIs are essential during system boot and regular operations.