
* T.DOC.ACCESS <- can be merged with T.DOC.STEAL as "T.DOC"
Unauthorized user might get user documents with usual method as same as authorized users.
This threat includes unintentional accident.

 N.T.IP.DUS	: Impersonating the device by stealing its IP address (then access to documents as authorized device)
 P.D.OUTPUT	: Removing or examining documents from an output tray
 P.D.INPUT	: Removing or examining documents from the document feeder


* T.DOC.STEAL <- can be merged with T.DOC.ACCESS as "T.DOC"
Unauthorized user might get user documents with unusual method.
Moreorless intentional.

 M.AB.COPY	: Changing the address book to send copies of documents to other destinations
 MI.FAX		: Man-in-the-middle attack to intercept/modify/redirect inbound/outbound faxes
 MI.MGNT	: Man-in-the-middle attack for management tools
 MI.PRINT	: Man-in-the-middle attack to capture/alter/resend/print job
 MI.SCAN	: Man-in-the-middle attack to intercept/modify/redirect scan or scan-to-fax data
 N.T.IP.DNS	: Using a rogue DNS server to redirect scans
 N.T.PEER	: Using a peer-to-peer connection to circumvent accounting or proxy server
 N.T.S.CRED	: Sniffing network traffic to gain access to credentials (then access to documents)
 N.T.S.DOC	: Sniffing network traffic to gain access to documents
 M.C.SEC	: Changing the security settings or configuration
 P.CAMERA	: Record each page using an internal or external digital camera
 F.SNIFF	: Sniffing phone line to gain access to faxed documents
 

* T.SALVAGE
Salvage of residual data from devices to get user documents

 P.MICROSCOPE	: Using electron microscope to read residual image on copier belt or drum
 P.DISK		: Removing or swapping the device's hard disk (then salvage the residual data)


* T.DOS.LOGICAL <- can be merged with T.DOS.PHYSICAL as "T.DOS"
DOS attack against MFP or other equipment in office.

 N.T.CRAFT	: Sending crafted network packets to cause network interface failure
 N.T.FLOOD	: Flooding packets to cause a network interface failure
 N.P.CRASH	: Submitting rogue PDL data to cause print controller failure
 N.P.DELETE	: Submitting rogue PDL data to delete persistent resources
 N.P.LOOP	: Submitting rogue PDL code to induce looping to degrade performance
 N.P.N.CANCEL	: Sending a print job that generates a flood of backchannel messages
 N.P.N.EMAIL	: Sending a print job that generates a flood of email notifications
 N.P.PRIORITY	: Continuously sending print jobs that deprioritize copy or scan jobs
 F.LOOP		: Continuously sending grayscale fax pages at low speed
 S.LOOP		: Continuously sending excessive scanned document volume


* T.DOS.PHYSICAL <- can be merged with T.DOS.LOGICAL as "T.DOS"
DOS attack against MFP.

 P.ALTER	: Mechanically or electrically altering or damaging the device or its components
 P.INTERFERE	: Mechanically or electrically interfering with the device or its components


* T.UNAUTH_USE
Unauthorized use of MFP.

 M.ID.AUDIT	: Changing the identity or configuration to bypass accounting or auditing
 M.ID.SPOOF	: Changing the identity to spoof another source device
 M.RELAY	: Propagate malicious email messages through open email relay
 M.SERVICE	: Hacking into the device through a service other than the web server
 M.WEB		: Hacking into the device through the internal web server 
 P.COPYCONTROL	: Using a rogue copy control device to bypass copy control


* T.REPLACE_TOE
The TOE might be replaced by malicious one and the security functions don't work.

 M.FW.APPLET	: Installing a rogue embedded firmware applet 
 M.FW.UPDATE	: Installing a rogue firmware update


* T.CONSUMABLES

 P.CONSUMABLES	: Removing consumables (paper, toner etc.)


* T.AUDIT <- This is the subordinate threat deriving from a security audit function

 M.A.ACCESS	: Accessing the device accounting/audit logs (and modify/delete, then become impossible to trace)
 M.A.ALTER	: Altering the device accounting/audit logs (then become impossible to trace)


* ???

 N.T.CONNECT	: Opening all available TCP connections and keeping them open (then ???)
 M.C.IMAGE	: Altering image processing parameters (then ???)
 M.C.INTERVAL	: Setting a very short interval on a network operations (then ???)
 M.C.SERVICES	: Gain access to enable/disable services (then ???, DOS?) 
 M.DATE		: Changing device date/time to forge send/receive date/time stamp (then ???, SSL?)
 F.OFFHOOK	: Inserting off-hook telephone in the loop (then ???)