Saturday 04 July 2026 23:13:40 GMT+02:00

Netcrook


WIKICROOK

Workflow abuse

Misusing a legitimate business or support process to achieve an unauthorized security outcome.

Workflow abuse is the misuse of a legitimate business or support process to obtain an unauthorized security outcome. Rather than exploiting a flaw in software, the attacker targets the steps that people and systems follow for account recovery, identity verification, approvals, refunds, onboarding, or access changes. When a process trusts its inputs too readily, a request that looks routine can become an account takeover or a privilege escalation.

This matters because many real attacks target the help desk and the recovery flow rather than the login page: a credential or MFA reset granted on the strength of a single weak verification step (a recited employee ID, a date of birth, a convincing phone call) bypasses whatever protection the login itself enforces. Defenders reduce the risk by treating support workflows as security boundaries: require step-up verification against something the caller already holds, such as an enrolled device, rather than information they can recite; separate the role that opens a request from the role that approves it, at least for privileged accounts; log and review every sensitive action; rate-limit repeated requests against the same account; and include the workflow in threat modelling, testing it for abuse cases and not only for the happy path. Good design assumes that the workflow itself is part of the attack surface.
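The controls listed above, as an added example that is not code from Netcrook or from any product: a minimal help-desk credential-reset workflow in Python, with the weak flow (a knowledge-based answer is enough) beside a hardened one that enforces a step-up challenge, separation of duties on privileged accounts, a per-target rate limit, and an audit log. The directory, role names, account names and policy values are constructed for the example and are assumptions, not real data.

```python
import time
from collections import defaultdict, deque

# Constructed directory for the example (assumption, not real data).
PRIVILEGED = {"admin@corp.example"}
ROLES = {"agent-alice": {"agent"}, "lead-carol": {"agent", "approver"}}


def weak_reset(caller_knows_employee_id):
    """Weak flow: a knowledge-based answer is enough for an agent to reset
    the credential. Social-engineering one agent equals account takeover."""
    return bool(caller_knows_employee_id)


class HardenedHelpDesk:
    """Hardened flow: step-up challenge, separation of duties for privileged
    accounts, per-target rate limit, and an audit log of every decision."""
    WINDOW = 3600.0   # seconds; policy values are assumptions for the example
    MAX_TICKETS = 3

    def __init__(self, now=time.time):
        self.now = now                        # injectable clock, so it is testable
        self.audit, self.resets = [], []
        self.tickets_by_target = defaultdict(deque)
        self.pending = {}                     # target -> {"opened_by", "stepped_up"}

    def _log(self, event, **fields):
        self.audit.append({"ts": self.now(), "event": event, **fields})

    def _rate_limited(self, target):
        q, t = self.tickets_by_target[target], self.now()
        while q and t - q[0] > self.WINDOW:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= self.MAX_TICKETS:
            return True
        q.append(t)
        return False

    def open_ticket(self, agent, target):
        if "agent" not in ROLES.get(agent, set()):
            self._log("denied", reason="not an agent", actor=agent, target=target)
            return False
        if self._rate_limited(target):
            self._log("denied", reason="rate limited", actor=agent, target=target)
            return False
        self.pending[target] = {"opened_by": agent, "stepped_up": False}
        self._log("ticket_opened", actor=agent, target=target)
        return True

    def step_up(self, target, device_challenge_ok):
        """Step-up: a challenge to an already-enrolled device, not knowledge the
        caller recites. Simulated here by a boolean."""
        ticket = self.pending.get(target)
        if ticket is None:
            return False
        ticket["stepped_up"] = bool(device_challenge_ok)
        self._log("step_up", target=target, passed=ticket["stepped_up"])
        return ticket["stepped_up"]

    def approve_and_reset(self, approver, target):
        ticket = self.pending.get(target)
        if ticket is None or not ticket["stepped_up"]:
            self._log("denied", reason="no step-up", actor=approver, target=target)
            return False
        # Separation of duties on privileged targets: the opener cannot approve,
        # and the approver must hold the approver role.
        if target in PRIVILEGED and (approver == ticket["opened_by"]
                                     or "approver" not in ROLES.get(approver, set())):
            self._log("denied", reason="separation of duties", actor=approver, target=target)
            return False
        del self.pending[target]
        self.resets.append((approver, target))
        self._log("credential_reset", actor=approver, target=target)
        return True


def run_scenario():
    """Constructed scenario: a caller who knows the admin's employee ID asks
    agent-alice for a reset of admin@corp.example."""
    target = "admin@corp.example"
    desk = HardenedHelpDesk(now=lambda: 1_700_000_000.0)   # frozen clock
    desk.open_ticket("agent-alice", target)
    desk.step_up(target, device_challenge_ok=False)      # caller cannot answer the push
    no_stepup = desk.approve_and_reset("agent-alice", target)
    desk.step_up(target, device_challenge_ok=True)       # the real owner later confirms
    self_approve = desk.approve_and_reset("agent-alice", target)
    proper = desk.approve_and_reset("lead-carol", target)
    reopened = [desk.open_ticket("agent-alice", target) for _ in range(3)]
    return {
        "weak_reset": weak_reset(caller_knows_employee_id=True),
        "blocked_without_step_up": not no_stepup,
        "blocked_self_approval": not self_approve,
        "reset_after_approval": proper,
        "reopen_results": reopened,               # 4th ticket in the hour is refused
        "denied_reasons": [e["reason"] for e in desk.audit if e["event"] == "denied"],
    }
```

Each refusal lands in the audit log with the reason and the actor, which is what a reviewer needs to spot an agent who repeatedly opens tickets against privileged accounts. The clock is injected so the rate-limit window can be exercised in a test without sleeping.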
