CVE-2023-40660
MEDIUMOpenSC < 0.23.0 - Improper Authentication via Zero-Length PIN Bypass
Title source: llmDescription
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
References (12)
Core 12
Core References
Release Notes
https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1
Vendor Advisory
https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:7876
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:7879
Third Party Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2023-40660
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2240912
Scores
CVSS v3
6.6
EPSS
0.0004
EPSS Percentile
11.2%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-287
Status
published
Products (3)
opensc_project/opensc
< 0.23.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux
9.0
Published
Nov 06, 2023
Tracked Since
Feb 18, 2026