M8: Security Decisions Via Untrusted Inputs

Weak implementation of user-level distinctions lets attackers exploit untrusted inputs to escalate privileges, bypass security controls, and compromise application integrity.

Overview

This vulnerability occurs when an application bases a security decision on input it does not control. It can be exploited by attackers who have access to the application and can manipulate the sensitive parameters that feed those decisions.


Description

The vulnerability arises from a weak implementation of the functionality that distinguishes higher-level users from lower-level users. Attackers can intercept calls and tamper with sensitive parameters, granting themselves higher-level permissions. This can lead to privilege escalation, bypassing of security mechanisms, and compromise of the confidentiality and integrity of the application. It can also result in loss of reputation for the application.


How to Prevent?

To prevent this vulnerability in mobile applications, developers should restrict IPC entry points to a white-list of trusted applications. Sensitive actions triggered through IPC entry points should require user interaction. All input received from IPC entry points must undergo stringent input validation. Avoid passing sensitive information through IPC mechanisms, since under certain scenarios it may be readable by third-party applications.
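As an added illustration of the advice above (example code written for this page, not Cloud Defense's own), the following Android bound service shows the flawed pattern, where a caller-supplied "is_admin" flag decides the privilege level, beside a hardened version that derives the decision from the kernel-assigned calling UID, checks the caller against a white-list of package names and signing certificates, and validates the IPC payload. The service class, transaction code, package name and amount limit are all hypothetical.

```java
import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.IBinder;
import android.os.Parcel;
import android.os.RemoteException;
import java.util.Arrays;
import java.util.List;

// Hypothetical service; also declare it in the manifest with a signature-level permission
// or android:exported="false" so arbitrary apps cannot bind to it in the first place.
public class TransferService extends Service {
    static final int CODE_TRANSFER = IBinder.FIRST_CALL_TRANSACTION; // hypothetical transaction code
    static final List<String> TRUSTED_CALLERS = Arrays.asList("com.example.bank.admin"); // constructed
    static final long MAX_AMOUNT = 1_000_000L; // constructed business limit

    // VULNERABLE: trusts a flag the caller wrote into the parcel (the M8 flaw).
    static boolean vulnerableIsAdmin(Parcel data) {
        return data.readInt() == 1; // any app on the device can write a 1 here
    }

    // HARDENED: the UID is assigned by the kernel and cannot be forged by the caller.
    boolean callerIsTrusted() {
        int uid = Binder.getCallingUid(); // only meaningful inside an incoming transaction
        PackageManager pm = getPackageManager();
        String[] pkgs = pm.getPackagesForUid(uid); // every package sharing that UID
        if (pkgs == null) return false;
        for (String pkg : pkgs) {
            // name must be white-listed AND signed with the same key as this app (assumption)
            if (TRUSTED_CALLERS.contains(pkg)
                    && pm.checkSignatures(pkg, getPackageName()) == PackageManager.SIGNATURE_MATCH) {
                return true;
            }
        }
        return false;
    }

    @Override
    public IBinder onBind(Intent intent) {
        return new Binder() {
            @Override
            protected boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException {
                if (code != CODE_TRANSFER) return super.onTransact(code, data, reply, flags);
                long amount = data.readLong();
                // stringent validation of the payload, then an identity-based decision; never vulnerableIsAdmin()
                boolean allowed = amount > 0 && amount <= MAX_AMOUNT && callerIsTrusted();
                reply.writeInt(allowed ? 1 : 0);
                return true;
            }
        };
    }
}
```

A real implementation would additionally prompt the user to confirm the transfer before performing it, as the section above recommends for sensitive actions reached through IPC.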


Example Attack Scenarios:
