Vulnerability Details : CVE-2023-40660
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
Vulnerability category: Bypass
Products affected by CVE-2023-40660
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-40660
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 37 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-40660
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.6
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
0.7
|
5.9
|
NIST | |
6.6
|
MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
0.7
|
5.9
|
Red Hat, Inc. |
CWE ids for CVE-2023-40660
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
-
The product uses a broken or risky cryptographic algorithm or protocol.Assigned by: secalert@redhat.com (Primary)
References for CVE-2023-40660
-
https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1
Release 0.24.0-rc1 · OpenSC/OpenSC · GitHubRelease Notes
-
https://access.redhat.com/errata/RHSA-2023:7879
RHSA-2023:7879 - Security Advisory - Red Hat 客户门户网站
-
https://access.redhat.com/errata/RHSA-2023:7876
RHSA-2023:7876 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/security/cve/CVE-2023-40660
CVE-2023-40660- Red Hat Customer PortalThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/11/msg00024.html
[SECURITY] [DLA 3668-1] opensc security update
-
http://www.openwall.com/lists/oss-security/2023/12/13/2
oss-security - CVE-2023-40660: Potential PIN bypass with empty PIN in OpenSC before 0.24.0
-
https://bugzilla.redhat.com/show_bug.cgi?id=2240912
2240912 – (CVE-2023-40660) CVE-2023-40660 OpenSC: Potential PIN bypass when card tracks its own login stateIssue Tracking
-
https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
New release 0.24.0 · Issue #2792 · OpenSC/OpenSC · GitHubIssue Tracking
-
https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories
OpenSC security advisories · OpenSC/OpenSC Wiki · GitHubVendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/
[SECURITY] Fedora 39 Update: opensc-0.24.0-1.fc39 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/
[SECURITY] Fedora 38 Update: opensc-0.24.0-1.fc38 - package-announce - Fedora Mailing-Lists
Jump to