This is a new one (in this form) for the updated list, although in the 2014 list M7: Client side injection covered some of these principles.
| Category | Details |
|---|---|
| Threat Agents | Application specific. Insufficient sanitisation and validation of data from external sources, whether user input or other. Apps that fail to validate properly are at risk of attacks including SQL injection, command injection and cross-site scripting. |
| Attack Vectors | Exploitability: DIFFICULT |
| Security Weakness | Prevalence: COMMON. Detectability: EASY. Weaknesses: insufficient input validation; insufficient output validation; lack of contextual validation; failure to validate data integrity. |
| Technical Impacts | Impact: SEVERE. Code execution; data breaches; system compromise; application disruption; reputation damage; legal and compliance issues. |
| Business Impacts | Impact: SEVERE. Application: code execution; data breaches; system disruption; data integrity issues. Business: reputation damage; legal and compliance consequences; financial impact. |
| Causes | Lack of input validation; inadequate output sanitisation; neglect of context-specific validation; insufficient data integrity checks; poor coding practices. |
| Prevention | Input validation: validate and sanitise user input using strict validation techniques; implement input length restrictions and reject unexpected or malicious data. Output sanitisation: properly sanitise output data to prevent cross-site scripting (XSS) attacks; use output encoding techniques when displaying or transmitting data. Context-specific validation: perform validation appropriate to the data context (for example file uploads or database queries) to prevent attacks such as path traversal or injection. Data integrity checks: implement data integrity checks to detect and prevent data corruption or unauthorised modification. Secure coding practices: follow secure coding practices, such as using parameterised queries and prepared statements to prevent SQL injection. Regular security testing: conduct regular security assessments, including penetration testing and code reviews, to identify and address vulnerabilities. |
A threat actor could potentially execute code remotely by inserting unexpected characters into an app’s input. Without sufficient validation in place, this could cause the app to mishandle the input, resulting in the exposure of vulnerabilities. The attacker could then potentially gain access to sensitive data on the device.
Output sanitisation refers to output from the app that is sent to another system, and includes SQL statements formed by the app and sent either to a local, on-device database or via an API to a back-end database. By inserting the right string of characters into unvalidated input data, it can be possible to trick the app into sending a malicious command to the database, whether to reveal sensitive data or to delete or encrypt it.
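To make the prevention advice above concrete, here is an added example (not code from the original post or from OWASP) that puts the vulnerable pattern beside the hardened one. It uses Python's built-in sqlite3 module as a stand-in for an app's local on-device database; the `notes` table, the `owner` column and the sample rows are constructed for the demonstration. The unsafe function splices untrusted input into the statement text, the safe function uses a parameterised query, an allow-list validator rejects unexpected input before it reaches the database, and an output-encoding step shows the XSS side of the same principle.

```python
import html
import re
import sqlite3


def make_db():
    """Constructed in-memory database standing in for an app's on-device store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")
    conn.executemany(
        "INSERT INTO notes (owner, body) VALUES (?, ?)",
        [("alice", "alice's private note"), ("bob", "bob's private note")],
    )
    conn.commit()
    return conn


def notes_for_owner_vulnerable(conn, owner):
    # Deliberately unsafe: the untrusted value becomes part of the SQL text,
    # so whoever controls `owner` controls the statement the database runs.
    sql = f"SELECT body FROM notes WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def notes_for_owner_safe(conn, owner):
    # Parameterised query: the value is bound separately from the statement,
    # so it is only ever treated as data, never as SQL.
    rows = conn.execute("SELECT body FROM notes WHERE owner = ?", (owner,))
    return [row[0] for row in rows]


# Allow-list validator: a username is 1-32 characters from a small alphabet.
# Rejecting everything else (length limit included) is the "strict validation"
# the prevention guidance asks for.
USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def validate_username(value):
    if not isinstance(value, str) or not USERNAME_RE.fullmatch(value):
        raise ValueError("rejected: username must be 1-32 characters of [a-z0-9_]")
    return value


def render_note_html(body):
    # Output encoding for an HTML context: note bodies are data, so any markup
    # they contain is escaped rather than interpreted by the rendering view.
    return f"<li>{html.escape(body, quote=True)}</li>"


def notes_for_owner_hardened(conn, owner):
    """Validate first, then query with parameters: the combination the page recommends."""
    return notes_for_owner_safe(conn, validate_username(owner))


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"
    print("vulnerable:", notes_for_owner_vulnerable(db, crafted))  # every row leaks
    print("safe:      ", notes_for_owner_safe(db, crafted))        # no such owner
    print(render_note_html("<script>alert(1)</script>"))
```

The point of the pairing is that parameterisation alone already defeats the crafted value, and the allow-list validator additionally stops it before any database call is made; both layers are cheap, and the page's "defence in depth" reading is to apply both rather than pick one.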