Tag Archives: Improper Authorization in Handler for Custom URL Scheme

CWE-939 – Improper Authorization in Handler for Custom URL Scheme

Read Time:47 Second

Description

The software uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.

Mobile platforms and other architectures allow the use of custom URL schemes to facilitate communication between applications. In the case of iOS, this is the only method to do inter-application communication. The implementation is at the developer’s discretion which may open security flaws in the application. An example could be potentially dangerous functionality such as modifying files through a custom URL scheme.

Modes of Introduction:

– Implementation

Likelihood of Exploit:

 

Related Weaknesses

CWE-862

 

Consequences

 

Potential Mitigations

Phase: Architecture and Design

Effectiveness:

Description: 

CVE References

 

  • CVE-2013-5725
    • URL scheme has action replace which requires no user prompt and allows remote attackers to perform undesired actions.
  • CVE-2013-5726
    • URL scheme has action follow and favorite which allows remote attackers to force user to perform undesired actions.