CVE-2023-4340

9.8 CRITICAL

📋 TL;DR

CVE-2023-4340 is a privilege escalation vulnerability in Broadcom RAID Controller software where session information printed in log files can be exploited to gain elevated privileges. This affects systems using vulnerable Broadcom RAID Controller software versions. Attackers can leverage exposed session data to escalate from lower-privileged accounts to administrative access.

💻 Affected Systems

Products:
  • Broadcom RAID Controller software
Versions: Specific versions not detailed in provided references; check Broadcom advisory for exact affected versions.
Operating Systems: Multiple OS platforms supported by Broadcom RAID Controller
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default logging configuration where session information is written to accessible log files.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with administrative control over RAID configuration, potential data destruction, and lateral movement to connected systems.

🟠

Likely Case

Unauthorized administrative access to RAID controller management, allowing configuration changes, data access, and potential denial of service.

🟢

If Mitigated

Limited impact with proper log file permissions and access controls preventing unauthorized log access.

🌐 Internet-Facing: LOW - Typically RAID controllers are not directly internet-facing.
🏢 Internal Only: HIGH - Internal attackers with access to log files can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to log files containing session information, typically requiring some level of system access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Broadcom advisory for specific patched versions

Vendor Advisory: https://www.broadcom.com/support/resources/product-security-center

Restart Required: Yes

Instructions:

1. Check Broadcom security advisory for affected versions.
2. Download and apply the latest firmware/software update from Broadcom.
3. Restart affected systems to apply changes.

🔧 Temporary Workarounds

Restrict log file permissions

linux

Set strict file permissions on RAID controller log files to prevent unauthorized access

chmod 600 /var/log/raid-controller.log
chown root:root /var/log/raid-controller.log

Disable detailed session logging

all

Configure RAID controller to not log sensitive session information

Check Broadcom documentation for logging configuration options

🧯 If You Can't Patch

  • Implement strict access controls on log directories and files
  • Monitor log file access attempts and implement alerting for unauthorized access

🔍 How to Verify

Check if Vulnerable:

Check Broadcom RAID Controller version against advisory and examine log files for session information exposure

Check Version:

Check Broadcom management utility or system documentation for version command

Verify Fix Applied:

Verify updated version is installed and confirm session information is no longer exposed in logs
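The following script is an added example, not code from this page or from Broadcom. It automates the two defender-side checks described under "Temporary Workarounds" and "How to Verify": that the RAID controller log is not readable by group or other, and that it no longer carries session identifiers. The path /var/log/raid-controller.log is the page's own example; the regular expression for session data, the LOG_PATH variable and the constructed sample log are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the page or Broadcom): audit a RAID controller log for
# (1) permissive file mode and (2) session identifiers left in the log text.
# LOG_PATH, the regex and the sample log lines are assumptions for illustration.

LOG_PATH="${LOG_PATH:-/var/log/raid-controller.log}"

# Return 0 if the file exists and has no group/other permission bits
# (mode 600 or stricter), 1 if it is too permissive, 2 if it is missing.
log_perms_ok() {
  f="$1"
  [ -f "$f" ] || return 2
  # GNU stat first (Linux); BSD/macOS stat as fallback
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%OLp' "$f")
  mode=$(printf '%s' "$mode" | tail -c 3)   # keep the last three octal digits
  case "$mode" in
    ?00) return 0 ;;
    *)   return 1 ;;
  esac
}

# Print how many lines look like they carry a session id or token.
# Pattern is an assumption: "session", optional separator, optional id/token, then '='.
count_session_lines() {
  grep -ciE 'session[ _-]?(id|token)?=' "$1" 2>/dev/null || true
}

# Write a small constructed sample log so the audit can run offline.
write_sample_log() {
  cat > "$1" <<'EOF'
2023-08-01 10:00:01 INFO  controller service started
2023-08-01 10:00:05 INFO  user admin authenticated sessionid=EXAMPLE-SESSION-1
2023-08-01 10:01:10 DEBUG virtual drive 0 state optimal
2023-08-01 10:02:00 INFO  session token=EXAMPLE-SESSION-2 refreshed
EOF
}

# Run both checks against a log file; exit status 0 only when both pass.
audit_raid_log() {
  f="${1:-$LOG_PATH}"
  rc=0
  if log_perms_ok "$f"; then
    echo "OK   permissions on $f are 600 or stricter"
  else
    echo "FAIL $f is readable by group/other (or missing); fix: chmod 600 $f; chown root:root $f"
    rc=1
  fi
  n=$(count_session_lines "$f")
  n=${n:-0}
  if [ "$n" -eq 0 ]; then
    echo "OK   no session identifiers found in $f"
  else
    echo "FAIL $n line(s) in $f appear to contain session identifiers; disable session logging"
    rc=1
  fi
  return $rc
}

# Demo on the constructed sample log; point LOG_PATH at the real log to audit it instead.
demo_log=$(mktemp)
write_sample_log "$demo_log"
chmod 644 "$demo_log"
audit_raid_log "$demo_log" || echo "audit reported findings (expected for the sample log)"
rm -f "$demo_log"
```

Run it as root on the host that carries the controller log (the real log is normally only root-readable). Two FAIL lines on the sample show both conditions the workarounds address; after applying the vendor update and the chmod/chown from the workaround section, rerunning against the real log should print two OK lines.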

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access to RAID controller log files
  • Unexpected privilege escalation events
  • Suspicious session information in logs

Network Indicators:

  • Unusual RAID controller management traffic patterns

SIEM Query:

source="raid-controller" AND (event="privilege_escalation" OR event="unauthorized_access")

🔗 References
