CVE-2023-40660
Opensc: potential pin bypass when card tracks its own login state
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
Se encontró una falla en los paquetes OpenSC que permiten una posible omisión del PIN. Cuando un token/tarjeta es autenticado por un proceso, puede realizar operaciones criptográficas en otros procesos cuando se pasa un pin vacío de longitud cero. Este problema plantea un riesgo de seguridad, particularmente para el inicio de sesión/desbloqueo de pantalla del sistema operativo y para tokens pequeños conectados permanentemente a las maquinas. Además, el token puede rastrear internamente el estado de inicio de sesión. Esta falla permite que un atacante obtenga acceso no autorizado, lleve a cabo acciones maliciosas o comprometa el sistema sin que el usuario se de cuenta.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-08-18 CVE Reserved
- 2023-11-06 CVE Published
- 2023-12-14 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (11)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2023:7876 | 2023-12-23 | |
| https://access.redhat.com/errata/RHSA-2023:7879 | 2023-12-23 | |
| https://access.redhat.com/security/cve/CVE-2023-40660 | 2023-12-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2240912 | 2023-12-19 | |
| https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories | 2023-12-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opensc Project Search vendor "Opensc Project" | Opensc Search vendor "Opensc Project" for product "Opensc" | <= 0.23.0 Search vendor "Opensc Project" for product "Opensc" and version " <= 0.23.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||