Threat Modeling: Why are MCP Servers an attack surface?
MCP Servers aren’t passive APIs: they execute live actions on systems, tools, and third-party APIs. This makes them high-value targets. In most scenarios, a misconfigured MCP Server is equivalent to a remote shell for threat actors.
Reasons they’re risky:
- Execute real commands (e.g., nmap, curl, python)
- Bridge to sensitive tools (SIEM, ticketing, internal DBs)
- Accept user input (directly from prompts, or indirectly via model-chosen tool arguments), which makes command injection a natural risk
- Often deployed rapidly in test or research environments
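As an added illustration (not code from the original page or any real MCP server), here is a hypothetical Python MCP tool handler that exposes nmap to a model. It shows the risky pattern, splicing the model-supplied target into a shell string, beside a hardened form that validates every field and builds an argv list so the OS never parses the input as shell syntax. The allowlist, regex, and function names are assumptions for the example.

```python
import re
import subprocess

# Constructed allowlist for this example: the only scan modes the tool exposes.
# Tool arguments arrive as JSON chosen by the model, which is driven by user
# prompts or retrieved content, so every field is treated as untrusted.
ALLOWED_SCAN_TYPES = {"ping": ["-sn"], "top-ports": ["-F"]}

# One or more DNS labels (letters, digits, inner hyphens), which also covers
# dotted IPv4 literals. Spaces, ';', '|', '$(', backticks, and a leading '-'
# (which nmap would read as an option) all fail to match.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_TARGET_RE = re.compile(rf"^{_LABEL}(?:\.{_LABEL})*$")


def unsafe_shell_command(target: str, scan_type: str = "ping") -> str:
    """The risky pattern: the caller's string becomes part of a shell line.
    Returned rather than executed so the defect is visible without running it."""
    flag = ALLOWED_SCAN_TYPES.get(scan_type, [""])[0]
    return f"nmap {flag} {target}"


def is_valid_target(target: str) -> bool:
    """True only for a plain hostname or IPv4 literal of sane length."""
    return len(target) <= 253 and _TARGET_RE.fullmatch(target) is not None


def build_scan_argv(target: str, scan_type: str = "ping") -> list[str]:
    """Hardened form: reject anything outside the allowlist, then build an argv
    list so no shell is involved and the target can only ever be one argument."""
    if scan_type not in ALLOWED_SCAN_TYPES:
        raise ValueError(f"scan_type not allowed: {scan_type!r}")
    if not is_valid_target(target):
        raise ValueError("target is not a plain hostname or IPv4 address")
    return ["nmap", *ALLOWED_SCAN_TYPES[scan_type], target]


def run_scan(target: str, scan_type: str = "ping", timeout: int = 60) -> str:
    """Execute with shell=False and a hard timeout; stdout is what the tool
    returns to the model. Errors propagate so a bad call is logged, not hidden."""
    argv = build_scan_argv(target, scan_type)
    completed = subprocess.run(argv, capture_output=True, text=True,
                               timeout=timeout, check=False)
    return completed.stdout
```

Note that `build_scan_argv` can be unit-tested without nmap installed, which is a convenient place to pin the validation behaviour in CI.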