BaseIncomplete

CWE-360Trust of System Event Data

Category: other

Description

Security based on event locations are insecure and can be spoofed. Events are a messaging system which may provide control data to programs listening for events. Events often do not have any type of authentication framework to allow them to be verified from a trusted source. Any application, in Windows, on a given desktop can send a message to any window on the same desktop. There is no authentication framework for these messages. Therefore, any message can be used to manipulate any process on the desktop if the process does not check the validity and safeness of those messages.

Common consequences· 1

  • Integrity / Confidentiality / Availability / Access Control — Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands
    If one trusts the system-event information and executes commands based on it, one could potentially take actions based on a spoofed identity.

Potential mitigations· 1

  • [Architecture and Design]Never trust or rely any of the information in an Event for security.

References

  1. https://cwe.mitre.org/data/definitions/360.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
CWE
Process Control
CVE
Microsoft Windows Improper Input Validation Vulnerability
Sub-technique
Bypass User Account Control
CWE
External Control of System or Configuration Setting
Technique
Event Triggered Execution
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.