VariantIncomplete

CWE-65Windows Hard Link

Category: other

Description

The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. AUTOEXEC.BAT). When the process opens the file, the attacker can assume the privileges of that process, or prevent the program from accurately processing data.

Common consequences· 1

  • Confidentiality / Integrity — Read Files or Directories, Modify Files or Directories

Potential mitigations· 1

  • [Architecture and Design]

References

  1. https://cwe.mitre.org/data/definitions/65.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
UNIX Hard Link
CWE
Windows Shortcut Following (.LNK)
CWE
UNIX Symbolic Link (Symlink) Following
CWE
Improper Link Resolution Before File Access ('Link Following')
CWE
Insecure Operation on Windows Junction / Mount Point
CWE
Path Equivalence: 'fakedir/../realdir/filename'
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.