CVE-2023-53970

7.5 HIGH

📋 TL;DR

This authentication bypass in Screen SFT DAB 600/C devices lets an unauthenticated attacker reset the board configuration by reusing a session identifier that the device binds to a client IP address and accepts without verifying that the session was established by a valid login. The attacker sends a crafted POST request to the deviceManagement API endpoint; no credentials are required. Any device running the affected firmware (1.9.3) whose management interface is reachable is exposed to unauthorized configuration resets.

💻 Affected Systems

Products:
  • Screen SFT DAB 600/C
Versions: Firmware 1.9.3
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running the vulnerable firmware version are affected. The vulnerability exists in the deviceManagement API endpoint.

⚠️ Risk & Real-World Impact

🔴 Worst Case: An unauthenticated attacker resets the device configuration, taking the transmitter off-air and forcing manual re-provisioning; if the attacker can then re-provision the device, broadcast operations can be disrupted or what the device broadcasts can be tampered with.

🟠 Likely Case: Unauthorized configuration resets causing service outages, broadcast interference, and loss of management control until the device is restored from a known-good configuration.

🟢 If Mitigated: Limited impact where network segmentation and access controls keep untrusted hosts from reaching the management interface. The weakness itself remains until fixed firmware is installed.

🌐 Internet-Facing: HIGH - A device whose management interface is reachable from the internet can be exploited by anyone, without authentication.
🏢 Internal Only: MEDIUM - Any host on the management network, or an attacker who has compromised one, can exploit the device to reset its configuration.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on Exploit-DB (ID 51459). Exploitation requires only network reachability of the device's HTTP management interface: crafted POST requests to the deviceManagement endpoint, no credentials and no user interaction, consistent with the 7.5 (network, low complexity, no privileges) score above.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch was available when this page was written. Contact the vendor for updated firmware or security guidance, and apply the workarounds below in the meantime.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Place affected devices on a dedicated management VLAN that is not routable from the internet or from general-purpose user networks, and restrict access to the management interface to that segment.

Access Control Lists (all platforms)

On an upstream firewall or router, permit TCP access to the device's HTTP management port only from a short allow-list of operator workstations, and deny everything else by default. The device itself cannot be relied on to enforce this, since the bypass sits in its own session handling.

🧯 If You Can't Patch

  • Implement network segmentation to isolate affected devices from untrusted networks
  • Monitor for POST requests to the deviceManagement endpoint from hosts outside the management allow-list (see Detection & Monitoring below)
  • Keep an exported copy of each device's known-good configuration so that a reset can be recovered quickly

🔍 How to Verify

Check if Vulnerable:

Check the firmware version in the device web interface (or over SSH, if enabled). If it reports 1.9.3, the device is vulnerable.

Check Version:

The firmware version is displayed in the device web interface. If you cannot locate it, ask the vendor for the version verification method.

Verify Fix Applied:

Confirm the firmware is a vendor-provided version later than 1.9.3 that the vendor identifies as fixing this issue, and re-check that the deviceManagement endpoint now rejects requests that lack an authenticated session.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to the deviceManagement endpoint from hosts outside the management allow-list
  • Configuration reset events with no preceding successful login from the same source address
  • Configuration resets outside change windows or without a matching change record
  • Note: because this is an authentication bypass, there may be no failed logins at all; do not rely on brute-force indicators to catch it

Network Indicators:

  • POST requests to /api/deviceManagement carrying a session identifier the sending host did not obtain through a login
  • Traffic from unexpected sources to the device's HTTP management port

SIEM Query:

source_ip NOT IN (authorized_ips) AND dest_port=80 AND http_method=POST AND uri_path CONTAINS 'deviceManagement'

This is pseudo-syntax; translate it to your SIEM's query language, and adjust dest_port if the management interface is served on a different port or over TLS.
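The log indicators above, applied to sample access logs, as an added example that is not part of the original advisory or of any vendor code. It assumes combined-format HTTP logs from a reverse proxy or sensor in front of the management interface (the device's own log format is not documented here), an operator-maintained allow-list of management hosts, and a login path of /api/login; only the deviceManagement endpoint name comes from the advisory, and the sample lines are constructed.

```python
import re
from datetime import datetime

# Regex for the Apache/nginx "combined" log format. Assumed to come from a
# reverse proxy or sensor in front of the device's HTTP management interface.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Assumptions, not from the advisory: hosts allowed to manage the device,
# and the path of the login endpoint.
ALLOWED_IPS = {"10.0.5.20", "10.0.5.21"}
LOGIN_PATH = "/api/login"
MGMT_PATH = "deviceManagement"   # endpoint named in the advisory

# Constructed sample log: addresses, timestamps and login path are made up.
SAMPLE_LOG = """\
10.0.5.20 - - [12/May/2023:10:01:02 +0000] "POST /api/login HTTP/1.1" 200 312
10.0.5.20 - - [12/May/2023:10:01:40 +0000] "POST /api/deviceManagement HTTP/1.1" 200 57
203.0.113.77 - - [12/May/2023:10:05:11 +0000] "POST /api/deviceManagement HTTP/1.1" 200 57
10.0.5.21 - - [12/May/2023:10:07:30 +0000] "POST /api/deviceManagement HTTP/1.1" 200 57
10.0.5.20 - - [12/May/2023:10:09:00 +0000] "GET /api/deviceManagement HTTP/1.1" 200 1024
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    return rec


def find_suspicious(log_text, allowed_ips=ALLOWED_IPS):
    """Return (ip, timestamp, reason) for each POST to the management endpoint
    that is either from a host outside the allow-list or from an allowed host
    that has not completed a login earlier in the log.

    The second rule is the one that matters for this CVE: a bypass produces no
    failed logins, so a configuration change with no login before it is the
    signal to key on.
    """
    logged_in = set()
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and rec["path"] == LOGIN_PATH and rec["status"] == 200:
            logged_in.add(rec["ip"])
            continue
        if rec["method"] != "POST" or MGMT_PATH not in rec["path"]:
            continue
        if rec["ip"] not in allowed_ips:
            findings.append((rec["ip"], rec["ts"], "unexpected source"))
        elif rec["ip"] not in logged_in:
            findings.append((rec["ip"], rec["ts"], "no preceding login"))
    return findings


if __name__ == "__main__":
    for ip, ts, reason in find_suspicious(SAMPLE_LOG):
        print(f"{ts.isoformat()} {ip}: POST to {MGMT_PATH} ({reason})")
```

Run over the sample, the script flags the POST from 203.0.113.77 (outside the allow-list) and the POST from 10.0.5.21 (allowed host, but no login seen first); the GET is ignored. The login tracking is deliberately simple, treating any earlier successful login from an address as covering later requests, so on a real log you would also want to expire that state, since a session-reuse bypass can come from an address that logged in hours earlier.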
