Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-65 (Windows硬链接) — Vulnerability Class 6

6 vulnerabilities classified as CWE-65 (Windows硬链接). AI Chinese analysis included.

CWE-65 represents a path traversal weakness where software fails to validate whether a file or directory name resolves to a hard link pointing outside its intended control sphere. Attackers typically exploit this by creating hard links to sensitive system files or directories, tricking the application into operating on unauthorized resources. This bypasses access controls, potentially allowing data exfiltration, modification, or denial of service. To mitigate this risk, developers must implement rigorous input validation that resolves symbolic and hard links before processing. Utilizing operating system APIs that detect link targets and ensuring applications operate within strict chroot or sandboxed environments helps prevent unintended access. Additionally, verifying that the resolved path remains within the expected directory hierarchy is crucial for maintaining security boundaries and preventing privilege escalation through link manipulation.

MITRE CWE Description
The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. AUTOEXEC.BAT). When the process opens the file, the attacker can assume the privileges of that process, or prevent the program from accurately processing data.
Common Consequences (1)
Confidentiality, IntegrityRead Files or Directories, Modify Files or Directories
Mitigations (1)
Architecture and DesignFollow the principle of least privilege when assigning access rights to entities in a software system. Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CVE IDTitleCVSSSeverityPublished
CVE-2022-23742 Check Point Endpoint Security Client后置链接漏洞 — Check Point Endpoint Security Client for Windows 7.8 -2022-05-12
CVE-2020-6013 Check Point ZoneAlarm 安全漏洞 — Check Point ZoneAlarm 8.8 -2020-07-06
CVE-2019-19231 Broadcom CA Client Automation 安全漏洞 — CA Client Automation 7.3 High2019-12-20
CVE-2019-8454 Check Point Endpoint Security 后置链接漏洞 — Check Point Endpoint Security client for Windows 7.0 -2019-04-29
CVE-2019-8452 Check Point ZoneAlarm 后置链接漏洞 — Check Point ZoneAlarm 7.8 -2019-04-22
CVE-2019-8455 Check Point ZoneAlarm 后置链接漏洞 — Check Point ZoneAlarm 7.1 -2019-04-17

Vulnerabilities classified as CWE-65 (Windows硬链接) represent 6 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.