The remote host is affected by the vulnerability described in GLSA-202412-15 (OpenSC: Multiple Vulnerabilities)

    Multiple vulnerabilities have been discovered in OpenSC. Please review the CVE identifiers referenced     below for details.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the opensc-0.23.0-3.el9 build changelog.

  - Potential PIN bypass (CVE-2023-40660)

  - Dynamic analyzers reports in pkcs15init (CVE-2023-40661)

  - Out-of-bounds read in MyEID driver handling encryption using symmetric keys (CVE-2023-4535)

  - Side-channel leaks while stripping encryption PKCS#1.5 padding (CVE-2023-5992)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7879 advisory.

    The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on     cards that support cryptographic operations and enables their use for authentication, mail encryption, or     digital signatures.

    Security Fix(es):

    * OpenSC: Potential PIN bypass when card tracks its own login state (CVE-2023-40660)

    * OpenSC: multiple memory issues with pkcs15-init (enrollment tool) (CVE-2023-40661)

    * OpenSC: out-of-bounds read in MyEID driver handling encryption using symmetric keys (CVE-2023-4535)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-417 advisory.

    Potential PIN bypass.When the token/card was plugged into the computer and authenticated from one process,     it could be used to provide cryptographic operations from different process when the empty, zero-length     PIN and the token can track the login status using some of its internals. This is dangerous for OS     logon/screen unlock and small tokens that are plugged permanently to the computer. (CVE-2023-40660)

    multiple memory issues with pkcs15-init (enrollment tool) (CVE-2023-40661)

    Out-of-bounds read in MyEID driver handling encryption using symmetric keys

    This issue require physical access to the computer running opensc and crafted USB device or smart card     that would present the system with specially crafted responses to the APDUs so they are considered a high-     complexity and low-severity.

    This issue is in the code handling symmetric keys, which are not widely used for example for desktop login     so most of the deployments are not affected. (CVE-2023-4535)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0030 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2021-34193:
    Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.

    CVE-2023-2977:
    A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15     cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context.
    The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is     wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In     cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is     possible.

    CVE-2023-40660:
    A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated     by one process, it can perform cryptographic operations in other processes when an empty zero-length pin     is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small,     permanently connected tokens to computers. Additionally, the token can internally track login status. This     flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system     without the user's awareness.

    CVE-2023-4535:
    An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling     symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the     computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate     APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's     security.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4535 advisory.

  - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling     symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the     computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate     APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's     security. (CVE-2023-4535)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a854153d7a advisory.

    New upstream release (#2240701) with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7879 advisory.

  - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated     by one process, it can perform cryptographic operations in other processes when an empty zero-length pin     is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small,     permanently connected tokens to computers. Additionally, the token can internally track login status. This     flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system     without the user's awareness. (CVE-2023-40660)

  - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card     enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of     these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB     device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise     key generation, certificate loading, and other card management operations during enrollment.
    (CVE-2023-40661)

  - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling     symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the     computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate     APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's     security. (CVE-2023-4535)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c7e4c9af51 advisory.

    New upstream release (#2240701) with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote NewStart CGSL host, running version MAIN 7.02, has opensc packages installed that are affected by multiple vulnerabilities:

  - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated     by one process, it can perform cryptographic operations in other processes when an empty zero-length pin     is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small,     permanently connected tokens to computers. Additionally, the token can internally track login status. This     flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system     without the user's awareness. (CVE-2023-40660)

  - A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15     cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context.
    The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is     wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In     cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is     possible. (CVE-2023-2977)

  - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card     enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of     these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB     device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise     key generation, certificate loading, and other card management operations during enrollment.
    (CVE-2023-40661)

  - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling     symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the     computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate     APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's     security. (CVE-2023-4535)

  - A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-     channel resistant. This issue may result in the potential leak of private data. (CVE-2023-5992)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7879 advisory.

    - Fix CVE-2023-40660: Potential PIN bypass
    - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init
    - Fix CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
212334	GLSA-202412-15 : OpenSC: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	12/11/2024	12/11/2024	high
193934	CentOS 9 : opensc-0.23.0-3.el9	Nessus	CentOS Local Security Checks	4/26/2024	10/10/2024	medium
187087	RHEL 9 : opensc (RHSA-2023:7879)	Nessus	Red Hat Local Security Checks	12/19/2023	11/7/2024	medium
184418	Amazon Linux 2023 : opensc (ALAS2023-2023-417)	Nessus	Amazon Linux Local Security Checks	11/4/2023	12/11/2024	medium
239185	TencentOS Server 4: opensc (TSSA-2024:0030)	Nessus	Tencent Local Security Checks	6/16/2025	11/20/2025	high
201687	CBL Mariner 2.0 Security Update: opensc (CVE-2023-4535)	Nessus	MarinerOS Local Security Checks	7/3/2024	7/3/2024	low
187189	Fedora 39 : opensc (2023-a854153d7a)	Nessus	Fedora Local Security Checks	12/21/2023	11/14/2024	medium
187215	AlmaLinux 9 : opensc (ALSA-2023:7879)	Nessus	Alma Linux Local Security Checks	12/22/2023	12/22/2023	medium
187278	Fedora 38 : opensc (2023-c7e4c9af51)	Nessus	Fedora Local Security Checks	12/23/2023	11/14/2024	medium
242724	NewStart CGSL MAIN 7.02 : opensc Multiple Vulnerabilities (NS-SA-2025-0119)	Nessus	NewStart CGSL Local Security Checks	7/25/2025	7/25/2025	high
187093	Oracle Linux 9 : opensc (ELSA-2023-7879)	Nessus	Oracle Linux Local Security Checks	12/19/2023	10/22/2024	medium

Detections

Analytics

Plugins Search

high

medium

medium

medium

high

low

medium

medium

medium

high

medium