CVE-2023-40660

2023-11-0617:15:11

Debian Security Bug Tracker

security-tracker.debian.org

opensc

pin bypass

os login

system compromise

security risk

cryptographic operations

unauthorized access

CVSS3

6.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

23.6%

JSON

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user’s awareness.

OSVersionArchitecturePackageVersionFilename
Debian12allopensc< 0.23.0-0.3+deb12u1opensc_0.23.0-0.3+deb12u1_all.deb
Debian11allopensc<= 0.21.0-1opensc_0.21.0-1_all.deb
Debian999allopensc< 0.23.0-2opensc_0.23.0-2_all.deb
Debian13allopensc< 0.23.0-2opensc_0.23.0-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	opensc	< 0.23.0-0.3+deb12u1	opensc_0.23.0-0.3+deb12u1_all.deb
Debian	11	all	opensc	<= 0.21.0-1	opensc_0.21.0-1_all.deb
Debian	999	all	opensc	< 0.23.0-2	opensc_0.23.0-2_all.deb
Debian	13	all	opensc	< 0.23.0-2	opensc_0.23.0-2_all.deb