- What is CWE-732?
- The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
- What CVEs are caused by CWE-732?
- 670 recorded CVEs are attributed to CWE-732, including CVE-2019-15752, CVE-2022-22960, CVE-2018-13374. 3 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- How do you prevent CWE-732?
- When using a critical resource such as a configuration file, check to see if the resource has insecure permissions (such as being modifiable by any regular user) [REF-62], and generate an error or even exit the software if there is a possibility that the resource could have been modified by an unauthorized party.
- How is CWE-732 detected?
- Automated Static Analysis: Automated static analysis may be effective in detecting permission problems for system resources such as files, directories, shared memory, device interfaces, etc. Automated techniques may be able to detect the use of library functions that modify permissions, then analyze function calls for arguments that contain potentially insecure values.
- What are the consequences of CWE-732?
- Exploiting CWE-732 can lead to: Read Application Data, Read Files or Directories, Gain Privileges or Assume Identity, Modify Application Data, Other.
- Is CWE-732 actively exploited?
- Yes. 3 CWE-732 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 670 recorded CVEs.