On devices that provide the capability to unlock the bootloader (hence allowing any operating system code to be flashed onto the device), perform periodic checks to ensure that the bootloader is locked.
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Mobile | T1458 | Exploit via Charging Station or PC | ||
| Mobile | T1398 | Modify OS Kernel or Boot Partition | ||
| Mobile | T1400 | Modify System Partition | ||