关于 CVE-2023-40660 的漏洞信息

1. 漏洞描述
From NVD
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
From 神龙GPT (AIGC)
神龙GPT 暂无描述信息(请耐心等待)
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
神龙GPT暂无评分(请耐心等待)
3. 漏洞类别
From NVD
CWE-287
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference