Authentication Bypass in OpenSC Software by OpenSC Project
CVE-2009-0368

Currently unrated

Key Information:

Vendor: Opensc-project
Status: Opensc
Vendor: CVE Published:; 2 March 2009

🔔 Create Opensc-project Vulnerability Alert

What is CVE-2009-0368?

OpenSC software prior to version 0.11.7 has a vulnerability that allows attackers in physical proximity to bypass PIN requirements. They can exploit this flaw by sending low-level APDU commands or utilizing debugging tools, which enables them to access sensitive private data files, such as 4601 and 4701, potentially leading to unauthorized data exposure.

References

http://secunia.com/advisories/34120

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/33922

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/48958

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2009
Vulnerability Reserved
Jan 29, 2009

CVE-2009-0368 Data

JSON