CVE-2023-53964
Published: 22 December 2025
Summary
CVE-2023-53964 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Sound4 Impact Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 20.8% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
AC-14 limits and authorizes specific actions performable without identification or authentication, directly preventing the unauthenticated factory reset via the vulnerable endpoint.
AC-3 enforces approved access authorizations to system resources, blocking remote unauthenticated access to the restorefactory.cgi endpoint.
SI-10 validates information inputs to the endpoint, mitigating exploitation by rejecting the specific POST data that triggers the factory reset.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an unauthenticated remote exploit of a public-facing web CGI endpoint (/usr/cgi-bin/restorefactory.cgi), directly enabling T1190: Exploit Public-Facing Application.
NVD Description
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that allows remote attackers to reset device configuration. Attackers can send a POST request to the endpoint with specific data to trigger a factory reset and bypass authentication, gaining full system control.
Deeper analysis
CVE-2023-53964 is an unauthenticated vulnerability (CWE-306) in the /usr/cgi-bin/restorefactory.cgi endpoint of SOUND4 IMPACT, FIRST, PULSE, and Eco devices running version 2.x. It allows remote attackers to send a POST request with specific data to trigger a factory reset of the device configuration, bypassing authentication and enabling full system control. The issue carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Any unauthenticated remote attacker with network access to the device can exploit this vulnerability due to the lack of authentication checks (PR:N) and low attack complexity (AC:L), with no user interaction required (UI:N). Exploitation resets the device to factory settings, disrupting operations and providing the attacker with full system control, severely impacting confidentiality, integrity, and availability.
Advisories from VulnCheck and Zero Science Laboratory (ZSL-2022-5742) detail the unauthenticated factory reset vulnerability, while a proof-of-concept exploit is publicly available on Exploit-DB (exploit 51174). An archived version of the vendor's website is referenced, but no vendor patches or specific mitigation guidance are provided in the available references.
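With no vendor patch referenced, access enforcement (AC-3) has to be applied and monitored in front of the device. The following is an added detection example, not code from NVD, the vendor or the referenced advisories: it scans web access logs for requests to restorefactory.cgi and ranks them. It assumes a reverse proxy writing Combined Log Format; the management subnet, the URL prefix in the sample lines and the severity labels are hypothetical.

```python
import ipaddress
import re
from urllib.parse import unquote

# Combined Log Format from a reverse proxy in front of the device (assumption).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
ENDPOINT = "restorefactory.cgi"  # script name from the advisory; no URL prefix assumed
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # hypothetical management subnet

def is_trusted(client, nets):
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:  # hostname or garbage in the client field: treat as untrusted
        return False
    return any(addr in net for net in nets)

def find_reset_requests(lines, mgmt_nets=MGMT_NETS):
    """Return (severity, client, time, method, status) for each hit on the reset CGI."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Drop the query string and decode %-escapes before comparing the script name.
        path = unquote(m["target"].split("?", 1)[0])
        if path.rsplit("/", 1)[-1].lower() != ENDPOINT:
            continue
        status = int(m["status"])
        if m["method"] != "POST":
            severity = "low"      # probing only; the advisory's trigger is a POST
        elif status < 400 and not is_trusted(m["client"], mgmt_nets):
            severity = "high"     # reset request accepted from outside management
        else:
            severity = "medium"   # blocked attempt, or a reset from the management net
        findings.append((severity, m["client"], m["time"], m["method"], status))
    return findings

# Constructed sample lines (documentation address ranges, made-up URL prefix).
SAMPLE_LOG = [
    '10.20.0.15 - admin [22/Dec/2025:09:01:12 +0000] "GET /status HTTP/1.1" 200 5120',
    '203.0.113.77 - - [22/Dec/2025:09:14:03 +0000] "POST /cgi-bin/restorefactory.cgi HTTP/1.1" 200 312',
    '198.51.100.9 - - [22/Dec/2025:09:15:40 +0000] "GET /cgi-bin/RestoreFactory.cgi?x=1 HTTP/1.1" 404 0',
    '10.20.0.15 - admin [22/Dec/2025:09:20:00 +0000] "POST /cgi-bin/restorefactory.cgi HTTP/1.1" 200 312',
    '203.0.113.77 - - [22/Dec/2025:09:21:09 +0000] "POST /cgi-bin/restorefactory%2Ecgi HTTP/1.1" 403 0',
]
```

A "high" finding followed by a login from the same client is the sequence to escalate, since the description states the reset is what bypasses authentication.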
Details
- CWE(s)