CWE-939
Improper Authorization in Handler for Custom URL Scheme
Description
The product uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
Mobile platforms and other architectures allow the use of custom URL schemes to facilitate communication between applications. In the case of iOS, this is the only method to do inter-application communication. The implementation is at the developer's discretion which may open security flaws in the application. An example could be potentially dangerous functionality such as modifying files through a custom URL scheme.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Gain Privileges or Assume Identity, Varies by Context, Bypass Protection Mechanism
Potential Mitigations
Utilize a user prompt pop-up to authorize potentially harmful actions such as those modifying data or dealing with sensitive information. When designing functionality of actions in the URL scheme, consider whether the action should be accessible to all mobile applications, or if an allowlist of applications to interface with is appropriate.
CVE-2013-5725URL scheme has action replace which requires no user prompt and allows remote attackers to perform undesired actions.
CVE-2013-5726URL scheme has action follow and favorite which allows remote attackers to force user to perform undesired actions.
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now