We live in a world in which computing touches virtually every aspect of our lives, both professional and personal. That has brought many good things—and its fair share of anxieties. Financial, social, and personal security are bound up with IT in complex and permanent ways. IT security issues should be of concern to everyone.
The non-profit MITRE Corporation is funded by the United States' Department of Homeland Security. It is, in its own words, a “mission-driven team [that] is dedicated to solving problems for a safer world.” Emerging from MITRE and its mandate is the Common Weakness Enumeration (CWE) project. The CWE “is a demonstrative list of the most widespread and critical weaknesses that can lead to serious vulnerabilities in software.”
A weakness is thus not exactly the same thing as a vulnerability. Rather, some weaknesses may allow vulnerabilities to find their way into software under the right circumstances. Obviously, being aware of—and, if possible, addressing—weaknesses before they hit the vulnerability stage is a desirable thing.
The CWE rankings draw in part from the MITRE-compiled list of Common Vulnerabilities and Exposures, which is described as a list of “publicly known cybersecurity vulnerabilities.”
Recently, the CWE released a list of the Top 25 Most Dangerous Software Errors for 2019. Examining this list and learning more about each weakness may help you and your business set security priorities for 2020.
The following is the CWE's top 25 software errors, from most dangerous to least dangerous. Beneath each item is a brief description. The source list provides more in-depth information on each item.
This weakness can, among other things, lead to system crashes or allow an attacker to access sensitive data or execute arbitrary code. It occurs when software can read from or write to a memory location beyond a buffer's boundary.
Cross-site scripting problems can crop up in a number of circumstances. In all cases, however, the result is that the software fails to neutralize input that is controlled by the user—or neutralizes it in an incorrect manner—before incorporating it into web pages.
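The neutralization step the paragraph describes is output encoding chosen for the context the value lands in. The following is an added example (not code from the original article, which is a prose list) showing a vulnerable renderer beside a hardened one, plus a second context (a URL inside an attribute) that needs a different encoder; the function names and the sample display name are constructed for illustration.

```python
import html
from urllib.parse import quote


def greeting_unsafe(display_name: str) -> str:
    # Vulnerable: user-controlled text is dropped straight into the page,
    # so any markup it carries is parsed and executed by the browser.
    return f"<p>Welcome back, {display_name}!</p>"


def greeting_safe(display_name: str) -> str:
    # Hardened for element content: <, >, & and both quote characters become
    # entities, so the browser renders the text instead of interpreting it.
    return f"<p>Welcome back, {html.escape(display_name, quote=True)}!</p>"


def profile_link_safe(user_id: str) -> str:
    # Different context, different rule: a value placed in a URL path is
    # percent-encoded first (safe="" so "/" is encoded as well), and the
    # resulting attribute value is then HTML-escaped on top of that.
    encoded = html.escape(quote(user_id, safe=""), quote=True)
    return f'<a href="/users/{encoded}">profile</a>'


# Constructed sample input: a display name carrying an event-handler payload.
SAMPLE_NAME = '<img src=x onerror="alert(1)">'

if __name__ == "__main__":
    print(greeting_unsafe(SAMPLE_NAME))   # markup survives intact
    print(greeting_safe(SAMPLE_NAME))     # markup rendered as entities
    print(profile_link_safe('a"/><b'))
```

The design point is that there is no single "escape" function: element content, attribute values, URLs and JavaScript strings each need their own encoding, and a template engine that auto-escapes for HTML context still leaves the URL case to the developer.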
In this instance, software incorrectly validates or fails to validate input, leaving it vulnerable to an attack in which unexpected input may be injected into the application. This can affect the program's control flow or data flow.
When this happens, sensitive information is revealed to an unauthorized party. This can make the program in which the exposure has taken place more vulnerable to attack.
When a buffer's limits are not respected and a program reads data before or beyond the buffer's boundaries, this constitutes an out-of-bounds read. This can lead to a system crash, or can reveal sensitive data to potential attackers.
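The parser pattern behind many out-of-bounds reads is a length field taken from the input and trusted without comparing it to the bytes actually present. Below is an added example (not from the original article) in Python rather than C, so it runs anywhere: the unsafe parser trusts the declared length, and because Python slices silently truncate, the bug is hidden rather than surfaced, whereas the equivalent C copy would read past the end of the buffer. The record format, function names and sample buffers are constructed for the illustration.

```python
import struct


def parse_records_unsafe(buf: bytes) -> list:
    # Record format (constructed): 2-byte big-endian length, then payload.
    # This version trusts the declared length. In C the matching memcpy reads
    # beyond the buffer; here the slice quietly returns fewer bytes.
    records, off = [], 0
    while off + 2 <= len(buf):
        (length,) = struct.unpack_from(">H", buf, off)
        off += 2
        records.append(buf[off:off + length])
        off += length
    return records


def parse_records_checked(buf: bytes) -> list:
    # Hardened: every length is validated against the bytes that remain
    # before any read happens, and a short buffer is an error, not a guess.
    records, off = [], 0
    while off < len(buf):
        if off + 2 > len(buf):
            raise ValueError(f"truncated length field at offset {off}")
        (length,) = struct.unpack_from(">H", buf, off)
        off += 2
        remaining = len(buf) - off
        if length > remaining:
            raise ValueError(
                f"record at offset {off - 2} declares {length} bytes "
                f"but only {remaining} remain")
        records.append(buf[off:off + length])
        off += length
    return records


# Constructed sample buffers.
GOOD = b"\x00\x03abc\x00\x02xy"          # two well-formed records
BAD = b"\x00\x03abc\x00\x10xy"           # second record claims 16 bytes, 2 remain

if __name__ == "__main__":
    print(parse_records_unsafe(BAD))     # [b'abc', b'xy'] -- silently wrong
    try:
        parse_records_checked(BAD)
    except ValueError as exc:
        print("rejected:", exc)
```

The same check, expressed in C as `if (length > end - p) fail();` before the copy, is what separates a parser that crashes or leaks memory on hostile input from one that rejects it.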
This is one of the more commonly encountered weaknesses on this list, as it often arises with websites that are database-driven. SQL injection occurs when software fails to neutralize parts of an SQL command from an upstream component that could potentially modify the command when it is sent to a downstream component. Because this flaw is so widely known, any database-driven program or website will likely be targeted for attack at some point.
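The fix the paragraph implies, keeping command text fixed and passing the upstream value as data, is parameterized queries. The following is an added example (not from the original article) using Python's built-in sqlite3 module with a constructed in-memory table; it shows the string-spliced query beside the parameterized one, and the one case parameters cannot cover, a column name, handled with an allow-list.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data for the demonstration.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s1"), ("bob", "s2")])
    return conn


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    # Vulnerable: the upstream value is spliced into the command text, so a
    # quote character in it ends the literal and the rest becomes SQL.
    sql = f"SELECT name FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    # Hardened: the placeholder binds the value as data; the command's
    # structure is fixed before the value is ever seen.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


ALLOWED_COLUMNS = {"name", "secret"}


def lookup_column_safe(conn: sqlite3.Connection, column: str, name: str) -> list:
    # Identifiers cannot be bound with placeholders, so they are checked
    # against a fixed allow-list instead of being interpolated blindly.
    if column not in ALLOWED_COLUMNS:
        raise ValueError(f"unexpected column: {column!r}")
    sql = f"SELECT {column} FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"
    print(lookup_unsafe(db, crafted))   # every row: the WHERE clause was rewritten
    print(lookup_safe(db, crafted))     # []: the value matched no name
```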
Software that reuses freed memory can easily lead to data corruption. Referencing freed memory may, among other things, cause a program to execute code or trigger a crash.
The software performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
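The classic form of this is an allocation size computed as count times element size, where the code assumes the product can never be smaller than the count. The following is an added example (not from the original article) that simulates 32-bit unsigned arithmetic in Python, since Python integers do not wrap on their own; the function names and values are constructed.

```python
UINT32_MAX = 0xFFFFFFFF


def wrap_u32(value: int) -> int:
    # Simulates the truncation a C compiler applies to a 32-bit unsigned result.
    return value & UINT32_MAX


def allocation_size_unsafe(count: int, elem_size: int) -> int:
    # Vulnerable pattern: the caller assumes count * elem_size >= count.
    # After wraparound the allocation is far too small, and a later loop that
    # writes `count` elements runs past its end.
    return wrap_u32(count * elem_size)


def allocation_size_checked(count: int, elem_size: int):
    # Hardened: reject before multiplying, mirroring the C idiom
    #   if (count > UINT32_MAX / elem_size) return NULL;
    if count < 0 or elem_size <= 0:
        raise ValueError("count must be non-negative and elem_size positive")
    if count > UINT32_MAX // elem_size:
        return None
    return count * elem_size


def size_assumption_holds(count: int, elem_size: int) -> bool:
    # The assumption the weakness describes, made explicit so it can be tested.
    return allocation_size_unsafe(count, elem_size) >= count


if __name__ == "__main__":
    for count in (1000, 0x3FFFFFFF, 0x40000000, 0x40000001):
        print(hex(count), hex(allocation_size_unsafe(count, 4)),
              allocation_size_checked(count, 4), size_assumption_holds(count, 4))
```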
This occurs when a program is unable to verify whether a user actually and deliberately submitted a request, even though the request is valid and consistent.
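The standard way to prove that a request was deliberately submitted by the user's own page, rather than forged by another site that merely benefits from the browser attaching the session cookie, is an anti-forgery token that the forging site cannot read. Below is an added example (not from the original article) of a token bound to the session ID with an HMAC and a request handler that checks it; the request shape, class and key are constructed for the illustration.

```python
import hashlib
import hmac
import secrets


class CsrfTokens:
    """Tokens bound to a session through an HMAC under a server-side key,
    so a token is only accepted for the session it was issued to."""

    def __init__(self, server_key: bytes):
        self._key = server_key

    def _mac(self, session_id: str, nonce: str) -> str:
        msg = f"{session_id}:{nonce}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue(self, session_id: str) -> str:
        # Embedded in the form by the legitimate page; a cross-origin page
        # cannot read it, so it cannot reproduce it.
        nonce = secrets.token_hex(16)
        return f"{nonce}.{self._mac(session_id, nonce)}"

    def verify(self, session_id: str, token: str) -> bool:
        nonce, sep, mac = token.partition(".")
        if not sep:
            return False
        # compare_digest avoids leaking how many characters matched.
        return hmac.compare_digest(mac, self._mac(session_id, nonce))


def handle_transfer(request: dict, tokens: CsrfTokens) -> int:
    """Constructed request: {'method': ..., 'cookies': {...}, 'form': {...}}.
    Returns the HTTP status the handler would send."""
    if request.get("method") != "POST":
        return 405  # state changes never ride on GET
    session_id = request.get("cookies", {}).get("session", "")
    token = request.get("form", {}).get("csrf_token", "")
    if not session_id or not tokens.verify(session_id, token):
        # The browser sent our cookie, but nothing proved our page built the form.
        return 403
    return 200


if __name__ == "__main__":
    tokens = CsrfTokens(b"constructed-server-key")
    token = tokens.issue("sess-1")
    genuine = {"method": "POST", "cookies": {"session": "sess-1"},
               "form": {"csrf_token": token, "amount": "10"}}
    forged = {"method": "POST", "cookies": {"session": "sess-1"},
              "form": {"amount": "10"}}
    print(handle_transfer(genuine, tokens), handle_transfer(forged, tokens))
```

Modern browsers add a second layer through the SameSite cookie attribute, but the token check remains the control that works regardless of client behaviour.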
This is another flaw related to failed or improper neutralization of special elements. It occurs when a program uses external input to construct a pathname with the goal of identifying a file or directory underneath a restricted parent directory, but fails to neutralize those elements within the pathname. This can lead to the pathname resolving to a location beyond the restricted directory.
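Neutralizing the pathname means resolving it fully and then confirming the result still lies under the restricted parent. The following is an added example (not from the original article) that does this with os.path.realpath, which collapses "..", resolves symlinks and exposes the case where an absolute user path would make os.path.join discard the base entirely. It assumes a POSIX filesystem (it creates a symlink) and builds its own temporary directory layout; all names are constructed.

```python
import os
import tempfile


def resolve_under(base_dir: str, user_path: str):
    """Return the real path of user_path inside base_dir, or None if it escapes."""
    base = os.path.realpath(base_dir)
    # realpath normalises "..", follows symlinks, and turns an absolute
    # user_path (which os.path.join would otherwise accept as-is) into a
    # concrete path that can be compared against the base.
    candidate = os.path.realpath(os.path.join(base, user_path))
    if candidate != base and not candidate.startswith(base + os.sep):
        return None
    return candidate


def read_public_file(base_dir: str, user_path: str):
    target = resolve_under(base_dir, user_path)
    if target is None or not os.path.isfile(target):
        return None
    with open(target, "rb") as fh:
        return fh.read()


def demo() -> dict:
    # Constructed layout: <tmp>/public/docs/readme.txt is served; <tmp>/secret.txt
    # sits outside the served tree, and <tmp>/public/link is a symlink to it.
    root = tempfile.mkdtemp()
    public = os.path.join(root, "public")
    os.makedirs(os.path.join(public, "docs"))
    with open(os.path.join(public, "docs", "readme.txt"), "wb") as fh:
        fh.write(b"hello")
    with open(os.path.join(root, "secret.txt"), "wb") as fh:
        fh.write(b"top secret")
    os.symlink(os.path.join(root, "secret.txt"), os.path.join(public, "link"))
    return {
        "normal": read_public_file(public, "docs/readme.txt"),
        "dotdot": read_public_file(public, "../secret.txt"),
        "nested_dotdot": read_public_file(public, "docs/../../secret.txt"),
        "absolute": read_public_file(public, os.path.join(root, "secret.txt")),
        "symlink": read_public_file(public, "link"),
    }


if __name__ == "__main__":
    for case, content in demo().items():
        print(f"{case:14} -> {content!r}")
```

Checking the resolved path rather than filtering the string for ".." is what makes the symlink and absolute-path cases fail closed; string filters miss both.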
This is a virtual mirror of the similarly named SQL injection. Here, the software fails to neutralize parts of an OS command from an upstream component that could potentially modify the command when it is sent to a downstream component.
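As with SQL, the durable fix is to stop building a command string at all: validate the value against the one shape it should have and pass it as a separate argument with no shell involved. The following is an added example (not from the original article) around a ping-style command; the hostname pattern, helper names and sample values are constructed, and the last function runs the POSIX `echo` program, assumed to be present, to show the value arriving as a single literal argument.

```python
import re
import shlex
import subprocess

# Allow-list for the only shape of value this command should receive.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252})")


def build_command_unsafe(host: str) -> str:
    # Vulnerable: this string is meant for a shell, so metacharacters in
    # `host` (";", "|", "$(...)") change the command instead of the data.
    return f"ping -c 1 {host}"


def build_argv(host: str) -> list:
    # Hardened: validate the value, then pass an argument vector. With
    # shell=False (subprocess's default) there is no shell to interpret it.
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected host value: {host!r}")
    return ["ping", "-c", "1", host]


def build_command_quoted(host: str) -> str:
    # When a shell genuinely cannot be avoided, shlex.quote renders the
    # value inert; the allow-list check above should still run first.
    return f"ping -c 1 {shlex.quote(host)}"


def echo_without_shell(value: str) -> str:
    # Runs a real process without a shell; the value reaches the program
    # unchanged as one argv element, metacharacters included.
    done = subprocess.run(["echo", value], capture_output=True,
                          text=True, check=True)
    return done.stdout.rstrip("\n")


if __name__ == "__main__":
    crafted = "example.com; echo injected"
    print(build_command_unsafe(crafted))    # two commands once a shell sees it
    print(build_command_quoted(crafted))    # one quoted argument
    print(echo_without_shell(crafted))      # printed literally, nothing executed
    try:
        build_argv(crafted)
    except ValueError as exc:
        print("validation:", exc)
```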
Several of the highest-ranked errors—about two-thirds of the list, in fact—are not new, but are long-standing problems. This is a reminder that some software security issues do not yield easily to solutions and require constant vigilance.
This is similar to an out-of-bounds read. When a buffer's limits are not respected and a program writes data before or beyond the buffer's boundaries, this constitutes an out-of-bounds write. This can lead to, among other things, corruption of data, and can crash a system.
The software cannot prove, or cannot sufficiently prove, the authenticity of someone interacting with the system.
A system crash may be precipitated by this weakness. It involves a program dereferencing a NULL pointer that it expected would be valid.
This flaw can allow unauthorized users or other actors to read or change a resource whose permissions have not been properly defined.
Some software products allow the upload or transfer of files that may be dangerous, leaving the application vulnerable to attack.
This occurs when software processes XML documents containing XML entities whose URIs resolve to other documents beyond the intended sphere of control. As a result, the software embeds those unintended documents into its output.
Another injection flaw. Here, the software fails to neutralize parts of a code segment constructed from an upstream component that could potentially modify the segment.
When an application embeds passwords or cryptographic keys directly in its code or shipped configuration and uses them for inbound authentication, outbound communication to external components, or encryption of internal data, this can create a vulnerability.
This flaw can leave an application open to external influences that may lead to resource exhaustion. It occurs when the software does not properly control the allocation and maintenance of the (limited) resource, making it possible for an external force to influence the use of the resource.
When software does not release a resource once that resource is no longer needed, it can leave a system vulnerable to a DoS attack. The attack works by allocating resources but not triggering their release.
In this scenario, a search path supplied by an external source may look for resources that are not directly controlled by the software. This could allow an attacker to point the search path to a malicious program, access data files, etc.
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
When privileges are not properly managed, an external user may be able to influence or control the software in an unauthorized fashion. Privileges must be assigned, modified, tracked, and checked properly to avoid this.
A malicious or invalid certificate can give attackers the opportunity to do things like spoof another, trusted entity. Software must validate certificates fully and correctly in order to avoid this.
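"Fully and correctly" here means two things: the certificate chains to a trusted root, and its name matches the host actually being contacted. Both are on by default in Python's ssl module, and this weakness usually appears when code switches them off to make an error go away. The following is an added example (not from the original article) showing the weak context beside the correct one and a small check that flags the weak setting; the function names are constructed, and the connecting helper is included for completeness but makes no network call here.

```python
import socket
import ssl


def insecure_context() -> ssl.SSLContext:
    # The weak setting, written out so it can be recognised in review: no
    # chain verification and no hostname match, so any certificate is accepted.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context(cafile=None) -> ssl.SSLContext:
    # The corrected setting: create_default_context() requires a valid chain
    # (CERT_REQUIRED) and a matching hostname (check_hostname=True). A private
    # CA bundle can be supplied through cafile instead of disabling checks.
    return ssl.create_default_context(cafile=cafile)


def context_validates_peer(ctx: ssl.SSLContext) -> bool:
    # The property a configuration check or unit test should assert on.
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def fetch_peer_certificate(host: str, port: int, ctx: ssl.SSLContext) -> dict:
    # server_hostname drives both SNI and the name check; omitting it with
    # check_hostname enabled raises rather than silently skipping the match.
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    print("default context validates peer:", context_validates_peer(secure_context()))
    print("CERT_NONE context validates peer:", context_validates_peer(insecure_context()))
```

The ordering inside insecure_context is itself a tell: the library refuses to set CERT_NONE while check_hostname is on, so disabling verification takes two deliberate steps that are easy to grep for in a code base.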
If you or your team experience any software errors or unusual activity on your computers, reach out to CITI. We will ensure that your systems are secure and safe from cybersecurity threats.