CVE-2023-53776

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Screen SFT DAB version 1.9.3

Description Screen SFT DAB version 1.9.3 has an authentication issue. An attacker can bypass authentication by reusing IP-bound session identifiers due to weak session management. This allows unauthorized requests to the device management API, enabling critical operations on the transmitter. The issue involves exploiting the session binding mechanism.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Session Fixation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-384

Related Identifiers

CVE-2023-53776

Affected Products

Screen Sft Dab

CVE-2023-53776

Weakness Enumeration

Related Identifiers

Affected Products

References · 11