CVE-2023-46052

7.1 HIGH

📋 TL;DR

CVE-2023-46052 is a heap buffer overflow vulnerability in Sane 1.2.1's test backend that could allow arbitrary code execution when processing malicious configuration files. This affects systems using Sane scanning software with the test backend enabled. The vulnerability is disputed because the test backend isn't intended for production use with untrusted input.

💻 Affected Systems

Products:
  • Sane (Scanner Access Now Easy)
Versions: 1.2.1 specifically (test backend code)
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when test backend is enabled and processes attacker-controlled configuration files, which is not the intended use case.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the Sane daemon (often root), potentially leading to complete system compromise.

🟠 Likely Case

Denial of service through application crash, as exploitation requires specific non-default configurations.

🟢 If Mitigated

No impact if test backend is disabled or configuration files are properly secured.

🌐 Internet-Facing: LOW - Sane daemon typically runs locally and test backend isn't for production use.
🏢 Internal Only: MEDIUM - Could be exploited by local users or through network scanning if test backend is misconfigured.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access or ability to write/modify configuration files. Proof-of-concept code is publicly available but requires specific conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Sane backends repository (git), but no official release version specified

Vendor Advisory: https://gitlab.com/sane-project/backends/-/issues/709

Restart Required: Yes

Instructions:

1. Update Sane backends from source repository
2. Recompile and install
3. Restart sane daemon/service

🔧 Temporary Workarounds

Disable test backend

linux

Remove or disable the test backend configuration to prevent exploitation

sudo rm /etc/sane.d/test.conf
sudo systemctl restart saned

Restrict configuration file permissions

linux

Ensure only trusted users can modify Sane configuration files

sudo chmod 644 /etc/sane.d/*.conf
sudo chown root:root /etc/sane.d/*.conf

🧯 If You Can't Patch

  • Disable the test backend completely in Sane configuration
  • Implement strict file permissions on /etc/sane.d/ directory and monitor for unauthorized changes

🔍 How to Verify

Check if Vulnerable:

Check if test backend is enabled:

grep -r 'test' /etc/sane.d/

Check Version:

scanimage --version

Verify Fix Applied:

Verify test backend is disabled or check Sane version from source repository
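
The two conditions this page names (test backend enabled, configuration files modifiable by untrusted users) can be checked together. The script below is an added example, not code from the SANE project or from the advisory; it assumes the stock SANE layout in which a backend is enabled by an uncommented line with its name in dll.conf or dll.d/*, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit a SANE config directory for the two conditions
# named in this advisory. Assumption: backends are enabled by name in
# <dir>/dll.conf or <dir>/dll.d/* (stock SANE layout).

# Return 0 if the test backend is enabled under directory $1.
test_backend_enabled() {
    dir=$1
    for f in "$dir/dll.conf" "$dir"/dll.d/*; do
        [ -f "$f" ] || continue
        # Match a line that is exactly "test" (blanks allowed around it);
        # "#test" (commented out) and longer names do not match.
        if grep -Eq '^[[:space:]]*test[[:space:]]*$' "$f"; then
            return 0
        fi
    done
    return 1
}

# Print every *.conf under $1 that is group- or other-writable, or that
# is not owned by the expected owner $2 (default: root).
loose_conf_files() {
    find "$1" -type f -name '*.conf' \
        \( -perm -020 -o -perm -002 -o ! -user "${2:-root}" \) -print
}

# Run both checks; return 0 if clean, 1 on a finding, 2 if $1 is missing.
audit_sane_dir() {
    dir=${1:-/etc/sane.d}
    owner=${2:-root}
    status=0
    if [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a directory"
        return 2
    fi
    if test_backend_enabled "$dir"; then
        echo "WARN: test backend is enabled in $dir"
        status=1
    fi
    loose=$(loose_conf_files "$dir" "$owner")
    if [ -n "$loose" ]; then
        echo "WARN: config files writable by group/other or not owned by $owner:"
        echo "$loose"
        status=1
    fi
    [ "$status" -eq 0 ] && echo "OK: $dir passes both checks"
    return "$status"
}
```

Source the file and call `audit_sane_dir` with no arguments to check /etc/sane.d with root as the expected owner; the non-zero exit status on a finding makes it usable from cron or a configuration-management check.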

📡 Detection & Monitoring

Log Indicators:

  • Sane daemon crashes
  • Segmentation faults in sane-related processes
  • Unusual configuration file modifications

Network Indicators:

  • Unexpected network connections from sane daemon

SIEM Query:

process.name:"saned" AND (event.action:"segmentation_fault" OR event.action:"crash")
