{"api_version":"1","generated_at":"2026-04-23T06:19:30+00:00","cve":"CVE-2023-40660","urls":{"html":"https://cve.report/CVE-2023-40660","api":"https://cve.report/api/cve/CVE-2023-40660.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-40660","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-40660"},"summary":{"title":"CVE-2023-40660","description":"A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-11-06 17:15:00","updated_at":"2023-11-14 17:12:00"},"problem_types":["CWE-287"],"metrics":[],"references":[{"url":"https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","name":"https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","refsource":"MISC","tags":[],"title":"OpenSC security advisories · OpenSC/OpenSC Wiki · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","name":"https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","refsource":"MISC","tags":[],"title":"Release 0.24.0-rc1 · OpenSC/OpenSC · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/security/cve/CVE-2023-40660","name":"https://access.redhat.com/security/cve/CVE-2023-40660","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240912","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2240912","refsource":"MISC","tags":[],"title":"2240912 – (CVE-2023-40660) CVE-2023-40660 OpenSC: Potential PIN bypass when card tracks its own login state","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","name":"https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","refsource":"MISC","tags":[],"title":"New release 0.24.0 · Issue #2792 · OpenSC/OpenSC · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-40660","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40660","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"40660","vulnerable":"1","versionEndIncluding":"0.23.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opensc_project","cpe5":"opensc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"40660","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"40660","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-40660","qid":"161246","title":"Oracle Enterprise Linux Security Update for opensc (ELSA-2023-7879)"},{"cve":"CVE-2023-40660","qid":"161249","title":"Oracle Enterprise Linux Security Update for opensc (ELSA-2023-7876)"},{"cve":"CVE-2023-40660","qid":"242627","title":"Red Hat Update for opensc (RHSA-2023:7879)"},{"cve":"CVE-2023-40660","qid":"242631","title":"Red Hat Update for opensc (RHSA-2023:7876)"},{"cve":"CVE-2023-40660","qid":"284825","title":"Fedora Security Update for opensc (FEDORA-2023-c7e4c9af51)"},{"cve":"CVE-2023-40660","qid":"285094","title":"Fedora Security Update for opensc (FEDORA-2023-a854153d7a)"},{"cve":"CVE-2023-40660","qid":"356583","title":"Amazon Linux Security Advisory for opensc : ALAS2-2023-2323"},{"cve":"CVE-2023-40660","qid":"356637","title":"Amazon Linux Security Advisory for opensc : ALAS2023-2023-417"},{"cve":"CVE-2023-40660","qid":"379617","title":"Alibaba Cloud Linux Security Update for opensc (ALINUX3-SA-2024:0026)"},{"cve":"CVE-2023-40660","qid":"506145","title":"Alpine Linux Security Update for opensc"},{"cve":"CVE-2023-40660","qid":"6000352","title":"Debian Security Update for opensc (DLA 3668-1)"},{"cve":"CVE-2023-40660","qid":"755092","title":"SUSE Enterprise Linux Security Update for opensc (SUSE-SU-2023:4089-1)"},{"cve":"CVE-2023-40660","qid":"755099","title":"SUSE Enterprise Linux Security Update for opensc (SUSE-SU-2023:4104-1)"},{"cve":"CVE-2023-40660","qid":"941506","title":"AlmaLinux Security Update for opensc (ALSA-2023:7876)"},{"cve":"CVE-2023-40660","qid":"941511","title":"AlmaLinux Security Update for opensc (ALSA-2023:7879)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-40660","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper Authentication","cweId":"CWE-287"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"OpenSC","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"0.24.0-rc1","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/security/cve/CVE-2023-40660","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-40660"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240912","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2240912"},{"url":"https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","refsource":"MISC","name":"https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651"},{"url":"https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","refsource":"MISC","name":"https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1"},{"url":"https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","refsource":"MISC","name":"https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories"}]},"credits":[{"lang":"en","value":"Upstream acknowledges Deepanjan Pal (Oracle Corporation) as the original reporter."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"PHYSICAL","availabilityImpact":"HIGH","baseScore":6.6,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-11-06 17:15:00","lastModifiedDate":"2023-11-14 17:12:00","problem_types":["CWE-287"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.6,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.7,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*","versionEndIncluding":"0.23.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}