CWE-273: Improper Check for Dropped Privileges

Description

The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

Submission Date :

July 19, 2006, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE
Extended Description

If the drop fails, the product will continue to run with the raised privileges, which might provide additional access to unprivileged users.

Example Vulnerable Codes

Example - 1

This code attempts to take on the privileges of a user before creating a file, thus avoiding performing the action with unnecessarily high privileges:


bool fDataWritten = false;ImpersonateNamedPipeClient(hPipe);HANDLE hFile = CreateFile(...);/../RevertToSelf()/../bool DoSecureStuff(HANDLE hPipe) {}

The call to ImpersonateNamedPipeClient may fail, but the return value is not checked. If the call fails, the code may execute with higher privileges than intended. In this case, an attacker could exploit this behavior to write a file to a location that the attacker does not have access to.

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

CWE-252: Unchecked Return Value
Go to
CWE-271: Privilege Dropping / Lowering Errors
Go to
CWE-754: Improper Check for Unusual or Exceptional Conditions
Go to

Visit http://cwe.mitre.org/ for more details.