Cyber Posture

CVE-2023-53968

Severity: Critical · Public PoC available

Published: 22 December 2025
Modified: 26 December 2025
KEV Added: (none listed)
Patch: (none listed)
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0058 (69.0th percentile)
Risk Priority: 20 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to remove user accounts without proper authentication.

Mitigating Controls (NIST 800-53 r5) (AI-generated)

- Prevent: Protects the authenticity of communications sessions, directly mitigating IP address session binding flaws that enable authentication bypass and unauthorized API requests.
- Prevent: Requires re-authentication for sensitive activities like user account removal via the userManager API, preventing exploitation even if initial session binding is compromised.
- Prevent: Enforces access control policies to block unauthorized requests to privileged endpoints such as the userManager API targeted in this CVE.

Security Summary (AI-generated)

CVE-2023-53968 is a session management vulnerability (CWE-306) affecting Screen SFT DAB 600/C Firmware version 1.9.3, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The flaw stems from improper IP address session binding, allowing attackers to bypass authentication controls. By reusing the same IP address, unauthorized parties can issue requests to the userManager API, enabling actions such as removing user accounts without valid credentials.

The vulnerability is exploitable by remote attackers with network access and no privileges or user interaction required. An attacker sharing or spoofing the victim's IP address can directly target the userManager API endpoint to delete accounts, potentially disrupting access controls and administrative functions on the affected DAB (Digital Audio Broadcasting) device.

Advisories from VulnCheck and Zero Science Laboratory document the authentication bypass leading to account erasure, while an exploit is publicly available on Exploit-DB. Manufacturer DB Broadcast provides product details for the SFT DAB series on their website, though specific patch information is not detailed in the provided references.

Public availability of the exploit on Exploit-DB indicates potential for real-world exploitation against unpatched instances of this firmware.
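The session-binding mistake the summary describes, shown as an added illustration next to a token-bound alternative that also requires re-authentication before an account is removed. This is not the device's firmware code; the class names, credential store, password and NAT address are all constructed for the example.

```python
import secrets
CREDENTIALS = {"admin": "constructed-password"}  # constructed stand-in for the device user store

def check_password(user, password):
    """Constant-time credential check; unknown users always fail."""
    expected = CREDENTIALS.get(user, "")
    return user in CREDENTIALS and secrets.compare_digest(expected.encode(), password.encode())

class IpBoundUserManager:
    """Flawed model: a successful login marks the client's source IP as authenticated."""
    def __init__(self):
        self.authenticated_ips = set()
        self.users = {"admin", "operator"}
    def login(self, src_ip, user, password):
        if check_password(user, password):
            self.authenticated_ips.add(src_ip)
        return src_ip in self.authenticated_ips
    def delete_user(self, src_ip, target):
        if src_ip not in self.authenticated_ips:  # only the source address is checked
            return False
        self.users.discard(target)  # any client sharing that address reaches this point
        return True

class TokenBoundUserManager:
    """Hardened model: unguessable per-login token plus re-authentication for account removal."""
    def __init__(self):
        self.sessions = {}  # token -> user name
        self.users = {"admin", "operator"}
    def login(self, user, password):
        if not check_password(user, password):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user
        return token
    def delete_user(self, token, target, password):
        user = self.sessions.get(token)
        if user is None or not check_password(user, password):  # valid token AND password re-entry
            return False
        self.users.discard(target)
        return True

def shared_ip_scenario():
    nat_ip = "203.0.113.10"  # constructed NAT address shared by two clients (documentation range)
    flawed = IpBoundUserManager()
    flawed.login(nat_ip, "admin", "constructed-password")  # first client authenticates
    flawed_deleted = flawed.delete_user(nat_ip, "operator")  # second client never logged in
    hardened = TokenBoundUserManager()
    hardened.login("admin", "constructed-password")
    hardened_deleted = hardened.delete_user("guessed-token", "operator", "")
    return flawed_deleted, hardened_deleted  # (True, False)
```

In the flawed model the unauthenticated second client succeeds purely because it shares the address; in the hardened model a request without the random token and the re-entered password is refused.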

Details

CWE(s): CWE-306

Affected Products

Vendor: dbbroadcast
Product: sft dab 600/c firmware
Version: 1.9.3

MITRE ATT&CK Enterprise Techniques (AI-generated)

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1531 Account Access Removal (Impact): Adversaries may interrupt availability of system and network resources by inhibiting access to accounts utilized by legitimate users.
Why these techniques?

The CVE enables remote exploitation of a public-facing API (T1190) through an IP-based session binding flaw, directly facilitating unauthorized account deletion (T1531).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References