M8: Security Decisions Based on Untrusted Inputs
Vulnerability occurs from using untrusted inputs in security decisions within an app, leading to privilege escalation and compromising confidentiality/integrity. Learn prevention measures.
Overview
This vulnerability occurs when untrusted inputs are utilized in security decisions within an application. It can be exploited by attackers who have access to the application and can manipulate sensitive parameters.
Description
The vulnerability arises from a weak implementation of functionalities that differentiate higher-level users from lower-level users. Attackers can intercept calls and tamper with sensitive parameters, granting themselves higher-level permissions. This can lead to privilege escalation, bypassing security mechanisms, and compromising the confidentiality and integrity of the application. It can also result in the loss of reputation for the application and harm to its integrity and confidentiality.
How to Prevent ?
To prevent this vulnerability, developers should restrict access to a white-list of trusted applications for IPC communication in mobile applications. Sensitive actions triggered through IPC entry points should require user interaction. All input received from IPC entry points must undergo stringent input validation. Avoid passing sensitive information through IPC mechanisms as it may be susceptible to being read by third-party applications under certain scenarios.