Vulnerability identifier: #VU82973
Vulnerability risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-285
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
OpenSC
Universal components / Libraries /
Libraries used by multiple products
Vendor: OpenSC
Description
The vulnerability allows an attacker to bypass authorization process.
The vulnerability exists due to a logic error in the authorization process. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. An attacker with physical proximity to the system can bypass the OS logon/screen for small permanently connected tokens to computers.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
OpenSC: 0.2.0 - 0.23.0 rc2
External links
http://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1
http://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories
http://bugzilla.redhat.com/show_bug.cgi?id=2240912
http://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
http://access.redhat.com/security/cve/CVE-2023-40660
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.