CWE-272: Least Privilege Violation

CWE-272: Least Privilege Violation | RadicalNotion.AI

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following example demonstrates the weakness.

Vulnerable example

setuid(0);

The following example demonstrates the weakness.

Vulnerable example

java

AccessController.doPrivileged(new PrivilegedAction() {

The following code calls chroot() to restrict the application to a subset of the filesystem below APP_HOME in order to prevent an attacker from using the program to gain unauthorized access to files located elsewhere. The code then opens a file specified by the user and processes the contents of the file.

Vulnerable example

chroot(APP_HOME);

Constraining the process inside the application's home directory before opening any files is a valuable security measure. However, the absence of a call to setuid() with some non-zero value means the application is continuing to operate with unnecessary root privileges. Any successful exploit carried out by an attacker against the application can now result in a privilege escalation attack because any malicious operations will be performed with the privileges of the superuser. If the application drops to the privilege level of a non-root user, the potential for damage is substantially reduced.

CWE-272: Least Privilege Violation

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis - Binary or Bytecode

Dynamic Analysis with Automated Results Interpretation

Manual Static Analysis - Source Code

Automated Static Analysis - Source Code

Automated Static Analysis

Architecture or Design Review

Code examples

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-272?

What CVEs are caused by CWE-272?

How do you prevent CWE-272?

How is CWE-272 detected?

What are the consequences of CWE-272?

Is CWE-272 actively exploited?

References

Stay ahead of CWE-272

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis - Binary or Bytecode

Dynamic Analysis with Automated Results Interpretation

Manual Static Analysis - Source Code

Automated Static Analysis - Source Code

Automated Static Analysis

Architecture or Design Review

Code examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-272?

What CVEs are caused by CWE-272?

How do you prevent CWE-272?

How is CWE-272 detected?

What are the consequences of CWE-272?

Is CWE-272 actively exploited?

References

Stay ahead of CWE-272