CVE-2023-53741

Summary

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.

Affected Software

VendorProductVersion RangeStatus
DB Elettronica Telecomunicazioni SpAScreen SFT DAB Series - Compact Radio DAB Transmitter1.9.3affected

Weaknesses

  • CWE-384: CWE-384: Session Fixation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References