CVE-2023-2158

9.8 CRITICAL

📋 TL;DR

CVE-2023-2158 is a user impersonation vulnerability in Code Dx where attackers can forge 'Remember Me' tokens using a hard-coded cipher to access other users' accounts. This affects Code Dx versions before 2023.4.2, allowing unauthorized access to user sessions and data.

💻 Affected Systems

Products:
  • Synopsys Code Dx
Versions: All versions prior to 2023.4.2
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover of any user, including administrators, leading to data theft, privilege escalation, and potential system compromise.

🟠 Likely Case

Unauthorized access to user accounts for data exfiltration, privilege escalation, or lateral movement within the application.

🟢 If Mitigated

Limited impact if proper network segmentation and monitoring are in place, but still represents authentication bypass.

🌐 Internet-Facing: HIGH - Attackers can exploit remotely without authentication if the system is internet-facing.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires knowledge of target usernames and ability to craft tokens using the hard-coded cipher.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2023.4.2

Vendor Advisory: https://community.synopsys.com/s/question/0D5Hr00006VdZblKAF/announcement-changelog-code-dx-202342

Restart Required: Yes

Instructions:

1. Download Code Dx version 2023.4.2 or later from official sources.
2. Follow the upgrade instructions in the Code Dx documentation.
3. Restart the Code Dx service after upgrade.

🔧 Temporary Workarounds

Disable Remember Me Feature

all

Temporarily disable the 'Remember Me' functionality to prevent token-based authentication.

Modify the Code Dx configuration to disable persistent login tokens.

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to Code Dx instances
  • Enable detailed authentication logging and monitor for suspicious login patterns

🔍 How to Verify

Check if Vulnerable:

Check the Code Dx version via the web interface or configuration files; versions below 2023.4.2 are vulnerable.

Check Version:

Check Code Dx web interface or consult deployment documentation for version information

Verify Fix Applied:

Verify installation of version 2023.4.2 or later and confirm 'Remember Me' tokens are properly encrypted

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by successful login with 'Remember Me' token
  • Login from unusual IP addresses using persistent tokens

Network Indicators:

  • Unusual authentication patterns to Code Dx endpoints

SIEM Query:

source="code-dx-logs" AND (event_type="authentication" AND (token_use="remember_me" OR suspicious_ip=true))
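
The two log indicators above, expressed as detection logic over parsed authentication events. This is an added example, not part of the advisory or of Code Dx: `event_type` and `token_use` mirror the SIEM query above, while the `ts`, `user`, `src_ip` and `outcome` fields, the 10-minute window, the threshold of 3 and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def _ev(ts, user, ip, outcome, token_use):
    # ts/user/src_ip/outcome are assumed field names; map them to your log schema.
    return {"ts": "2023-05-01T" + ts, "event_type": "authentication",
            "user": user, "src_ip": ip, "outcome": outcome, "token_use": token_use}

# Constructed sample events, not real Code Dx log output.
SAMPLE_EVENTS = [
    _ev("09:00:00", "alice", "10.0.0.5", "success", "password"),
    _ev("12:00:00", "alice", "10.0.0.5", "success", "remember_me"),
    _ev("13:00:00", "bob", "203.0.113.7", "failure", "password"),
    _ev("13:00:20", "bob", "203.0.113.7", "failure", "password"),
    _ev("13:00:40", "bob", "203.0.113.7", "failure", "password"),
    _ev("13:02:00", "bob", "203.0.113.7", "success", "remember_me"),
    _ev("14:00:00", "alice", "198.51.100.9", "success", "remember_me"),
]

def detect(events, window=timedelta(minutes=10), fail_threshold=3):
    """Return (ts, user, src_ip, reason) alerts for suspicious token logins."""
    known_ips = defaultdict(set)   # user -> IPs seen on successful password logins
    failures = defaultdict(deque)  # user -> timestamps of failed logins
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        if ev.get("event_type") != "authentication":
            continue
        ts = datetime.fromisoformat(ev["ts"])
        user, ip = ev["user"], ev["src_ip"]
        if ev["outcome"] == "failure":
            failures[user].append(ts)
        elif ev.get("token_use") == "remember_me":
            recent = failures[user]
            while recent and ts - recent[0] > window:  # drop failures outside window
                recent.popleft()
            if len(recent) >= fail_threshold:
                alerts.append((ev["ts"], user, ip, "failures_then_token"))
            # A token login never adds to known_ips: a forged token must not
            # be able to establish its own source address as trusted.
            if ip not in known_ips[user]:
                alerts.append((ev["ts"], user, ip, "token_from_new_ip"))
        else:
            known_ips[user].add(ip)
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The new-IP rule is a heuristic: users who legitimately roam between networks will trigger it, so treat its alerts as leads to correlate rather than confirmed compromise.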
