Abstraction: Base. Status: Incomplete.

CWE-1007: Insufficient Visual Distinction of Homoglyphs Presented to User

Category: other

Description

The product displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between visually similar or identical glyphs (homoglyphs), which may cause the user to misinterpret a glyph and perform an unintended, insecure action.

Common consequences (1)

  • Integrity / Confidentiality — Other
    An attacker may ultimately redirect a user to a malicious website, by deceiving the user into believing the URL they are accessing is a trusted domain. However, the attack can also be used to forge log entries by using homoglyphs in usernames. Homoglyph manipulations are often the first step towards executing advanced attacks such as stealing a user's credentials, Cross-Site Scripting (XSS), or log forgery. If an attacker redirects a user to a malicious site, the attacker can mimic a trusted domain to steal account credentials and perform actions on behalf of the user, without the user's knowledge. Similarly, an attacker could create a username for a website that contains homoglyph characters, making it difficult for an admin to review logs and determine which users performed which actions.
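As an added example (not part of the CWE entry), the check below is what a display layer could run on a domain label or username before rendering it: it folds a constructed subset of confusable glyphs to their Latin look-alikes, flags labels that mix scripts or consist entirely of look-alikes of a Latin string, and for those falls back to the xn-- (punycode) form, which a user can at least recognise as unusual. The confusables map is an illustrative subset, not the full Unicode table.

```python
import unicodedata

# Constructed subset of look-alike mappings (in the spirit of Unicode
# UTS #39 confusables): non-Latin letters folded to the Latin letter they
# resemble. Illustrative only, not the full confusables table.
CONFUSABLE_TO_LATIN = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u03b1": "a",  # GREEK SMALL LETTER ALPHA
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
}


def script_of(ch):
    """Coarse script bucket derived from the Unicode character name."""
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "OTHER"


def skeleton(label):
    """Fold a label to its visual skeleton: NFKC, lower-case, confusables to Latin."""
    folded = unicodedata.normalize("NFKC", label).lower()
    return "".join(CONFUSABLE_TO_LATIN.get(c, c) for c in folded)


def confusable_with(label, trusted):
    """True when label is not the trusted identifier but renders like it."""
    return label != trusted and skeleton(label) == skeleton(trusted)


def analyze(label):
    """Classify a label and pick a form that is safe to show to a user."""
    sk = skeleton(label)
    scripts = {script_of(c) for c in label if c.isalpha()} - {"OTHER"}
    mixed_script = len(scripts) > 1
    # Non-ASCII label whose skeleton is pure ASCII: every glyph has a Latin look-alike.
    whole_script_confusable = sk != label.lower() and sk.isascii()
    suspicious = mixed_script or whole_script_confusable
    # Show the ASCII-compatible (xn--) form so look-alike glyphs are not mistaken for Latin.
    display = label.encode("idna").decode("ascii") if suspicious else label
    return {"skeleton": sk, "mixed_script": mixed_script,
            "suspicious": suspicious, "display": display}
```

The same skeleton comparison applies to usernames in log review: comparing `skeleton()` values rather than raw strings surfaces the look-alike accounts the consequences paragraph describes.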

Potential mitigations (2)

  • [Implementation]
  • [Implementation]

Related CAPEC attack patterns (1)

  • CAPEC-632: Homograph Attack via Homoglyphs

References

  1. https://cwe.mitre.org/data/definitions/1007.html

Exploits (incoming) (1)

Type           Target                                       Confidence  Tier
AttackPattern  Homograph Attack via Homoglyphs (capec-632)  100%        live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Multiple Interpretations of UI Input
  • CWE: Improper Physical Access Control
  • CWE: Misinterpretation of Input
  • CWE: Insufficient Verification of Data Authenticity
  • CWE: Insufficient Type Distinction
  • CWE: Improperly Implemented Security Check for Standard

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.