Determine firmware version

Firmware is permanent software programmed into the read-only memory of a device. As with other types of software, firmware may be updated over time and have multiple versions. [1]

ID: T1258
Sub-techniques:  No sub-techniques
Tactic: Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: No easy way for defenders to detect when an adversary collects this information.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Depending upon the target device, there are variable ways for an adversary to determine the firmware version. In some cases, this information can be derived from easily obtained information. For example, in [ Cisco] devices, the firmware version is easily determined once the device model and OS version is known since it is included in the release notes.


  1. Humberto J. Abdelnur, Radu State, Olivier Festor. (2008). Advanced Network Fingerprinting. Retrieved April 2, 2017.