VariantDraft

CWE-622Improper Validation of Function Hook Arguments

Category: other

Description

The product adds hooks to user-accessible API functions, but it does not properly validate the arguments. This could lead to resultant vulnerabilities. Such hooks can be used in defensive software that runs with privileges, such as anti-virus or firewall, which hooks kernel calls. When the arguments are not validated, they could be used to bypass the protection scheme or attack the product itself.

Common consequences· 1

  • Integrity — Unexpected State

Potential mitigations· 2

  • [Architecture and Design]Ensure that all arguments are verified, as defined by the API you are protecting.
  • [Architecture and Design]Drop privileges before invoking such functions, if possible.

References

  1. https://cwe.mitre.org/data/definitions/622.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Incorrect Use of Privileged APIs
CWE
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE
Dangerous Signal Handler not Disabled During Sensitive Operations
CWE
Use of Potentially Dangerous Function
CWE
Use of Low-Level Functionality
CWE
Improper Handling of Insufficient Privileges
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.