CWE-62: UNIX Hard Link
Official CWE-62 CWE context with Glexia analysis, remediation guidance, related CVEs, and ATT&CK context.
Glexia's Take
CWE-62: UNIX Hard Link
UNIX Hard Link represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.
Executive Impact
- Confidentiality,Integrity: Read Files or Directories,Modify Files or Directories
Developer Pattern
CWE-62 is the kind of defect developers can usually prevent with explicit validation, safer framework defaults, and tests that exercise hostile input or unsafe state transitions.
Confidence
high confidence from CWE-62, 4.20.
Official CWE Definition
CWE-62: UNIX Hard Link
The product, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. /etc/passwd). When the process opens the file, the attacker can assume the privileges of that process.
Developer And Remediation Guidance
How teams prevent and detect this weakness
Causes
- Missing validation
- Unsafe defaults
- Insufficient authorization or memory-safety invariant
Remediation
- Architecture and Design: [object Object]
Detection
- Code review
- SAST
- DAST
- Focused regression tests
Mappings
Related CVEs, CWEs, and ATT&CK context
ATT&CK Relevance
ATT&CK relevance is shown only when reviewed or responsibly inferred.