Cyber Resilience

CVE-2023-53776

High · Public PoC

Published: 10 December 2025

Modified: 02 January 2026
KEV Added
Patch
CVSS Score v4: 8.7 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0021 (43.7th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-53776 is a high-severity Session Fixation (CWE-384) vulnerability in Dbbroadcast Sft Dab 600/C Firmware. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 43.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-12 (Session Termination) and IA-5 (Authenticator Management).

Deeper analysis

CVE-2023-53776 is an authentication bypass vulnerability in Screen SFT DAB version 1.9.3, caused by weak session management that permits attackers to reuse IP-bound session identifiers. This flaw affects the software component used for managing Digital Audio Broadcasting (DAB) transmitters, enabling exploitation of the session binding mechanism to issue unauthorized requests to the device management API and perform critical operations on the transmitter. The vulnerability is classified under CWE-384 (Session Fixation) with a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Attackers on an adjacent network (AV:A) can exploit this without prior authentication (PR:N) or user interaction (UI:N) by capturing a legitimate session identifier bound to a specific IP address and reusing it for malicious requests. Successful exploitation allows high-impact compromise of confidentiality, integrity, and availability, granting unauthorized control over transmitter operations via the device management API.

Advisories, including those from VulnCheck and references on vendor sites like DB Broadcast and Screen, provide details on the authentication bypass via session management weakness. A proof-of-concept exploit is publicly available on Exploit-DB (ID 51459), highlighting the need to review these resources for detection and mitigation guidance.

EU & UK References

Vulnerability details

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The vulnerability is an authentication bypass in a network-accessible device management API exploitable from adjacent networks without authentication, directly enabling T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2023-53968 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2023-53970 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2023-53969 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2023-53967 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2023-53740 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2023-53741 · Same product: Dbbroadcast Sft Dab 600/C
CVE-2025-66262 · Same vendor: Dbbroadcast
CVE-2025-63529 · Shared CWE-384
CVE-2025-63228 · Same vendor: Dbbroadcast
CVE-2025-66251 · Same vendor: Dbbroadcast

Affected Assets

dbbroadcast
sft dab 600/c firmware
1.9.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: SC-23 requires mechanisms to protect communications session authenticity, directly addressing weak session management that enables IP-bound session identifier reuse for authentication bypass.

Prevent: IA-5 mandates management of authenticators including session identifiers through protection from disclosure, refresh, and secure handling to prevent unauthorized reuse.

Prevent: AC-12 enforces automatic session termination after defined conditions, invalidating session identifiers and blocking their reuse by attackers on adjacent networks.

References