CWE-266: Incorrect Privilege Assignment

CWE-266: Incorrect Privilege Assignment | RadicalNotion.AI

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following example demonstrates the weakness.

Vulnerable example

/* do some stuff */
seteuid(0);

The following example demonstrates the weakness.

Vulnerable example

java

AccessController.doPrivileged(new PrivilegedAction() {

This application sends a special intent with a flag that allows the receiving application to read a data file for backup purposes.

Vulnerable example

java

Intent intent = new Intent();

Attack input

java

public class CallReceiver extends BroadcastReceiver {

Any malicious application can register to receive this intent. Because of the FLAG_GRANT_READ_URI_PERMISSION included with the intent, the malicious receiver code can read the user's data.

CWE-266: Incorrect Privilege Assignment

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-266?

What CVEs are caused by CWE-266?

How do you prevent CWE-266?

What are the consequences of CWE-266?

Is CWE-266 actively exploited?

References

Stay ahead of CWE-266

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Related weaknesses

Parent

Child

Can also be

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-266?

What CVEs are caused by CWE-266?

How do you prevent CWE-266?

What are the consequences of CWE-266?

Is CWE-266 actively exploited?

References

Stay ahead of CWE-266