CVE-2023-6260 - Vulnerability Details - OpenCVE

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brivo	Acs100 Acs100 Firmware Acs300 Acs300 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:brivo:acs300:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sra.io/advisories/
https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3

History

Wed, 05 Feb 2025 23:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Brivo Brivo acs100 Brivo acs100 Firmware Brivo acs300 Brivo acs300 Firmware
CPEs		cpe:2.3:h:brivo:acs100:-:::::::* cpe:2.3:h:brivo:acs300:-:::::::* cpe:2.3:o:brivo:acs100_firmware:::::::: cpe:2.3:o:brivo:acs300_firmware::::::::
Vendors & Products		Brivo Brivo acs100 Brivo acs100 Firmware Brivo acs300 Brivo acs300 Firmware

MITRE

Status: PUBLISHED

Assigner: SRA

Published: 2024-02-19T21:30:20.947Z

Updated: 2024-08-02T08:28:20.371Z

Reserved: 2023-11-22T17:16:37.736Z

Link: CVE-2023-6260

Vulnrichment

Updated: 2024-08-02T08:28:20.371Z

NVD

Status : Analyzed

Published: 2024-02-19T22:15:48.460

Modified: 2025-02-05T22:35:57.283

Link: CVE-2023-6260

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6260", "assignerOrgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "state": "PUBLISHED", "assignerShortName": "SRA", "dateReserved": "2023-11-22T17:16:37.736Z", "datePublished": "2024-02-19T21:30:20.947Z", "dateUpdated": "2024-08-02T08:28:20.371Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "ACS100, ACS300", "vendor": "Brivo", "versions": [{"lessThan": "6.2.4.3", "status": "affected", "version": "5.2.4", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gabe Siftar (SRA)"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Krzysztof Grochal (SRA)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.<p>This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.</p>"}], "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.\n\n"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}, {"capecId": "CAPEC-390", "descriptions": [{"lang": "en", "value": "CAPEC-390 Bypassing Physical Security"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "ACS300 (Physical Access)"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "ACS100 (Adjacent Network Access)"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "shortName": "SRA", "dateUpdated": "2024-02-21T14:49:22.819Z"}, "references": [{"url": "https://sra.io/advisories/"}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "source": {"discovery": "UNKNOWN"}, "title": "Web UI OS Command Injection in Brivo ACS100, ACS300", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "brivo", "product": "acs100_firmware", "cpes": ["cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.2.4", "status": "affected", "lessThan": "6.2.4.3", "versionType": "semver"}]}, {"vendor": "brivo", "product": "acs300_firmware", "cpes": ["cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.2.4", "status": "affected", "lessThan": "6.2.4.3", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-20T15:38:03.370421Z", "id": "CVE-2023-6260", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-27T19:33:58.599Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:20.371Z"}, "title": "CVE Program Container", "references": [{"url": "https://sra.io/advisories/", "tags": ["x_transferred"]}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sra.io/advisories/", "tags": ["x_transferred"]}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:20.371Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6260", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-02-20T15:38:03.370421Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*"], "vendor": "brivo", "product": "acs100_firmware", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*"], "vendor": "brivo", "product": "acs300_firmware", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-27T19:33:40.337Z"}}], "cna": {"title": "Web UI OS Command Injection in Brivo ACS100, ACS300", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gabe Siftar (SRA)"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Krzysztof Grochal (SRA)"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}, {"capecId": "CAPEC-390", "descriptions": [{"lang": "en", "value": "CAPEC-390 Bypassing Physical Security"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "ACS300 (Physical Access)"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "ACS100 (Adjacent Network Access)"}]}], "affected": [{"vendor": "Brivo", "product": "ACS100, ACS300", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}], "references": [{"url": "https://sra.io/advisories/"}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.\n\n", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.<p>This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "shortName": "SRA", "dateUpdated": "2024-02-21T14:49:22.819Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6260", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:28:20.371Z", "dateReserved": "2023-11-22T17:16:37.736Z", "assignerOrgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "datePublished": "2024-02-19T21:30:20.947Z", "assignerShortName": "SRA"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "80906C11-31EB-496E-A5E6-CCC61AA1AF41", "versionEndIncluding": "6.2.4.3", "versionStartIncluding": "5.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B21FAE09-C308-4E75-87C0-15F6637D139C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E455B577-1BD1-45CA-B744-4459B18B9E99", "versionEndExcluding": "6.2.4.3", "versionStartIncluding": "5.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brivo:acs300:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC69BFA4-EAD9-4C60-BE90-5722C07F2B65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.\n\n"}, {"lang": "es", "value": "Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyecci\u00f3n de comando del sistema operativo') en Brivo ACS100, ACS300 permite la inyecci\u00f3n de comandos del sistema operativo, evitando la seguridad f\u00edsica. Este problema afecta a ACS100 (acceso adyacente a la red), ACS300 (acceso f\u00edsico): desde 5.2 .4 antes del 6.2.4.3."}], "id": "CVE-2023-6260", "lastModified": "2025-02-05T22:35:57.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-19T22:15:48.460", "references": [{"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "tags": ["Third Party Advisory"], "url": "https://sra.io/advisories/"}, {"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "tags": ["Release Notes"], "url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://sra.io/advisories/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}