PT-2024-14917 · Brivo · Brivo Acs100 +1

Gabe Siftar +1 · Published 2024-02-19 · Updated 2025-04-01 · CVE-2023-6259

CVSS v3.1

7.1 High

Vector

AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Brivo ACS100, ACS300 versions 5.2.4 through 6.2.4.3

Description

The issue is related to Insufficiently Protected Credentials and Improper Access Control, allowing password recovery exploitation and bypassing physical security. This can be exploited to gain unauthorized access.

Recommendations

For versions 5.2.4 through 6.2.4.3, update to version 6.2.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to password recovery features until a patch is applied. Additionally, review and strengthen access control mechanisms to prevent unauthorized access.

Fix

Weakness Enumeration

Improper Access Control
Insufficiently Protected Credentials

Related Identifiers

CVE-2023-6259

Affected Products

Brivo Acs100
Brivo Acs300