Closed c4-submissions closed 10 months ago
If you look at the way that the sanctionOverrides mapping is actually built, the override only actually triggers if it is the borrower that activates it for a given lender.
Third parties are welcome to spam overrideSanction until the heat death of the Universe, it changes nothing except contributing to the ultrasound money narrative by burning ETH.
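The keying described in the comment above, as an added example that is not part of the thread or the Wildcat source: a simplified Solidity model in which sanctionOverrides is indexed first by the caller that set the override. The names listed, setListed, isSanctioned, ThirdParty and Demo are hypothetical, and the assumption that the lookup reads only the borrower's own entry is taken from the comment's description.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model for illustration; not the Wildcat contract.
contract SentinelModel {
    // Stand-in for the external sanctions list (assumption).
    mapping(address => bool) public listed;

    // Overrides are namespaced by whoever set them:
    // sanctionOverrides[setter][account].
    mapping(address => mapping(address => bool)) public sanctionOverrides;

    // Helper for the demo only.
    function setListed(address account, bool flag) external {
        listed[account] = flag;
    }

    // Callable by anyone, but it only ever writes under msg.sender's own key.
    function overrideSanction(address account) external {
        sanctionOverrides[msg.sender][account] = true;
    }

    // The query is about a (borrower, account) pair, so only the
    // borrower's own override entry is consulted.
    function isSanctioned(address borrower, address account) public view returns (bool) {
        return !sanctionOverrides[borrower][account] && listed[account];
    }
}

// An unrelated caller that invokes overrideSanction for someone else's lender.
contract ThirdParty {
    function spam(SentinelModel s, address account) external {
        s.overrideSanction(account);
    }
}

// Demo plays the borrower; run() reverts if the model behaves otherwise.
contract Demo {
    function run() external {
        SentinelModel s = new SentinelModel();
        ThirdParty outsider = new ThirdParty();
        address lender = address(0xBEEF); // constructed sample address
        s.setListed(lender, true);
        require(s.isSanctioned(address(this), lender), "listed lender is sanctioned");
        outsider.spam(s, lender); // writes sanctionOverrides[outsider][lender] only
        require(s.isSanctioned(address(this), lender), "third-party call changed nothing");
        s.overrideSanction(lender); // the borrower sets its own override
        require(!s.isSanctioned(address(this), lender), "borrower override applies");
    }
}
```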
minhquanym marked the issue as low quality report
MarioPoneder marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-wildcat/blob/c5df665f0bc2ca5df6f06938d66494b11e7bdada/src/WildcatSanctionsSentinel.sol#L45-L51
Vulnerability details
Impact
Without proper access control, any address can call the overrideSanction function and override the sanction status of an account. This can potentially be exploited by malicious actors to bypass sanctions and carry out unauthorized actions, putting the entire protocol at risk. The integrity of the sanction overrides data is compromised, as any user can manipulate the status, leading to unreliable and incorrect data.
Users may lose trust in the protocol due to its inability to secure important functions, which could lead to a decrease in user adoption and overall value of the protocol.
Proof of Concept
In the above proof of concept, a malicious actor deploys a contract Attack that calls the overrideSanction function on the target protocol, exploiting the lack of access control and potentially overriding sanctions on an account.
Tools Used
Vscode
Recommended Mitigation Steps
Add access control to the overrideSanction function to ensure that only authorized addresses can call this function.
Assessed type
Access Control