Authorization / Insecure Filesystem Access

Description

Insecure Filesystem Access is a type of authorization vulnerability that occurs when an application does not restrict access to the filesystem of a device, such as a computer or mobile phone. This type of vulnerability can be exploited by malicious actors to access files stored on the device, including confidential and/or sensitive information. According to the Common Weakness Enumeration (CWE), this type of vulnerability is classified as CWE-285. The Open Web Application Security Project (OWASP) also provides guidance on testing for this type of vulnerability in the OWASP Testing Guide.

Risk

The exploitation of this vulnerability can result in several risks, including the disclosure of confidential information, data corruption, and the introduction of malicious code. Additionally, successful exploitation of this vulnerability can lead to a complete takeover of the affected system. As a result, an attacker can gain full control of the device and use it for malicious purposes.

Solution

To protect against this vulnerability, it is important to implement proper authorization controls and access management when accessing the filesystem. Additionally, organizations should utilize application-level encryption to protect data stored on the device, as well as regularly updating the device’s OS and applications to ensure that any vulnerabilities are patched.

Example

In the following example, an Android application fails to properly restrict access to the device's filesystem. This can be exploited by a malicious user to gain access to sensitive files stored on the device.

if (ContextCompat.checkSelfPermission(this, Manifest.permission.READ_EXTERNAL_STORAGE) != PackageManager.PERMISSION_GRANTED) { // No permission granted } else { // Accessing filesystem without permission File[] files = getExternalFilesDir().listFiles(); for (File file : files) { // Accessing file } }