1. Home
  2. CWE Database
  3. CWE-65
Variant · Low-Medium

CWE-65: Windows Hard Link

The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an...

CWE-65 · Variant Level ·2 CVEs ·1 Mitigations

Description

The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. AUTOEXEC.BAT). When the process opens the file, the attacker can assume the privileges of that process, or prevent the program from accurately processing data.

Potential Impact

Confidentiality, Integrity

Read Files or Directories, Modify Files or Directories

Mitigations & Prevention

Architecture and Design

Follow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.

Real-World CVE Examples

CVE IDDescription
CVE-2002-0725File system allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
CVE-2003-0844Web server plugin allows local users to overwrite arbitrary files via a symlink attack on predictable temporary filenames.

CWE-59: Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identif...

Taxonomy Mappings

  • PLOVER: — Windows hard link
  • CERT C Secure Coding: FIO05-C — Identify files using multiple file attributes
  • Software Fault Patterns: SFP18 — Link in resource name resolution

Frequently Asked Questions

What is CWE-65?

CWE-65 (Windows Hard Link) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an...

How can CWE-65 be exploited?

Attackers can exploit CWE-65 (Windows Hard Link) to read files or directories, modify files or directories. This weakness is typically introduced during the Implementation, Operation phase of software development.

How do I prevent CWE-65?

Key mitigations include: Follow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file wit

What is the severity of CWE-65?

CWE-65 is classified as a Variant-level weakness (Low-Medium abstraction). It has been observed in 2 real-world CVEs.