CVE-2023-6260

9.0 CRITICAL

📋 TL;DR

This OS command injection vulnerability in the Brivo ACS100 and ACS300 access control systems lets an attacker execute arbitrary commands on the device. It is reachable by a network-adjacent attacker (ACS100) or by an attacker with physical access to the controller (ACS300), and a successful exploit lets them bypass the physical security controls the device enforces. It affects firmware versions from 5.2.4 up to, but not including, 6.2.4.3, which is the fixed release.

💻 Affected Systems

Products:
  • Brivo ACS100
  • Brivo ACS300
Versions: from 5.2.4 before 6.2.4.3
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: The attack vector differs by model: network-adjacent access for the ACS100, physical access for the ACS300

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise: the attacker executes arbitrary commands, disables physical security controls, pivots into internal networks, and maintains persistent access.

🟠 Likely Case

The attacker bypasses physical access controls, manipulates door locks, disables security systems, and potentially reaches sensitive areas.

🟢 If Mitigated

Limited impact with proper network segmentation, but an attacker who is already on the access-control network segment (or, for the ACS300, at the device) can still manipulate access control functions.

🌐 Internet-Facing: LOW (These are typically internal access control systems not directly internet-facing)
🏢 Internal Only: HIGH (Network-adjacent attackers can exploit this to bypass physical security controls)

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

OS command injection vulnerabilities typically have low exploitation complexity once the injection point is identified. No public proof of concept is known for this CVE, so treat the LOW rating as an assessment of the bug class rather than of a known exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.2.4.3

Vendor Advisory: https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3

Restart Required: Yes

Instructions:

1. Download firmware 6.2.4.3 from the Brivo support portal.
2. Back up the current configuration.
3. Upload and apply the firmware update via the web interface.
4. Reboot the device.
5. Verify the firmware version after the update (System > About should show 6.2.4.3 or later).

🔧 Temporary Workarounds

Network Segmentation (applies to: all models)

Isolate access control systems on separate VLANs with strict firewall rules.

Access Control Lists (applies to: all models)

Implement network ACLs that restrict access to Brivo devices to authorized management systems only.

🧯 If You Can't Patch

  • Segment Brivo devices on isolated network segments with strict firewall rules
  • Implement network monitoring and intrusion detection for unusual traffic to/from access control systems

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface: System > About > Firmware Version

Check Version:

Read the version from the web interface (System > About). If the device exposes a shell, the firmware version can also be read from its version file, but the exact path on these controllers is not documented here, so treat cat /etc/version as an unverified guess and prefer the web interface.

Verify Fix Applied:

Verify firmware version shows 6.2.4.3 or later in System > About
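The version comparison above is easy to get wrong by hand or with string comparison (a hypothetical 6.10.0 sorts before 6.2.4.3 as text but is newer). The following is an added example, not Brivo's tooling and not from the advisory, that checks a version string read from System > About against the affected range 5.2.4 <= version < 6.2.4.3 numerically, component by component. The device labels and version strings in the demo inventory are constructed.

```python
"""Added example (not Brivo's tooling and not from the advisory): decide whether a
firmware version string, as shown under System > About, falls in the affected range
for CVE-2023-6260, i.e. 5.2.4 <= version < 6.2.4.3, comparing version components
numerically rather than as strings."""
import re

AFFECTED_FROM = "5.2.4"   # first affected release (from the advisory data above)
FIXED_IN = "6.2.4.3"      # first fixed release (from the advisory data above)


def parse_version(text):
    """Extract the dotted version from text such as '6.2.4.3', 'v6.2.4-rc1' or
    'ACS300 firmware 6.2.4.3' and return it as a tuple of ints.

    At least one dot is required so that a model number like 'ACS100' is not
    mistaken for the version. Raises ValueError when nothing parses, so an
    unreadable About page is reported instead of being silently treated as safe.
    """
    m = re.search(r"(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"no dotted version number in {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def compare(a, b):
    """Return -1, 0 or 1 comparing two version tuples component-wise, padding the
    shorter one with zeros so that 6.2.4 == 6.2.4.0 and 6.2.4 < 6.2.4.3."""
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def is_affected(version_text):
    """True when AFFECTED_FROM <= version < FIXED_IN."""
    v = parse_version(version_text)
    return (compare(v, parse_version(AFFECTED_FROM)) >= 0
            and compare(v, parse_version(FIXED_IN)) < 0)


def triage(inventory):
    """inventory maps a device label to the version string read from its About page
    (labels are invented for the demo). Returns device -> 'patch' (inside the
    published affected range), 'ok' (outside it) or 'unknown' (unparseable)."""
    result = {}
    for device, version_text in inventory.items():
        try:
            result[device] = "patch" if is_affected(version_text) else "ok"
        except ValueError:
            result[device] = "unknown"
    return result


if __name__ == "__main__":
    # Constructed inventory, not real device data.
    demo = {
        "lobby-acs100": "6.2.4.1",
        "dock-acs300": "ACS300 firmware 6.2.4.3",
        "annex-acs100": "6.10.0",   # string comparison would wrongly flag this
        "old-acs300": "5.2.3",      # below the published affected range
        "unreachable": "n/a",
    }
    for device, verdict in triage(demo).items():
        print(f"{device}: {verdict}")
```

Feed it the version strings you collect from each controller's About page; an "unknown" verdict means the page could not be parsed and the device needs a manual look rather than being assumed safe.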

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution in system logs
  • Multiple failed authentication attempts
  • Unexpected system reboots

Network Indicators:

  • Unusual outbound connections from Brivo devices
  • Unexpected network traffic patterns to/from access control systems

SIEM Query:

source="brivo*" AND (event_type="command_execution" OR event_type="system_reboot")

(The source and event_type field names are illustrative; map them to the fields your Brivo syslog or SIEM ingestion actually produces.)
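As an added example (not Brivo's tooling and not part of the original page), the log and network indicators listed above applied to a constructed batch of events: it reproduces the SIEM query in code and adds the two indicators the query does not cover, a burst of failed authentications and outbound connections to hosts the controller should not be talking to. The record layout (ts, source, event_type plus per-type extras), the expected-peer allow-list, the thresholds and every sample event are assumptions made for the demo.

```python
"""Added example (not Brivo's tooling): run the log and network indicators listed
above over a constructed batch of access-control events. The record layout
(ts, source, event_type and the per-type extras), the expected-peer list and the
thresholds are assumptions for the demo; map them onto the fields your Brivo
syslog or SIEM ingestion actually produces."""
from collections import defaultdict
from datetime import datetime, timedelta

FAILED_AUTH_THRESHOLD = 5                  # assumed: 5 failures ...
FAILED_AUTH_WINDOW = timedelta(minutes=5)  # ... within 5 minutes is a burst
# Assumed allow-list of hosts a controller is expected to reach (e.g. its
# management server); any other destination is flagged.
EXPECTED_PEERS = {"10.0.50.5"}

# Constructed sample events, not real Brivo logs. Deliberately out of order and
# including a non-Brivo source to exercise sorting and the source filter.
RAW = [
    ("2024-01-10T09:02:00", "brivo-lobby", "command_execution", {"detail": "shell spawned by web daemon"}),
    ("2024-01-10T09:00:00", "brivo-lobby", "outbound_connection", {"dst": "10.0.50.5"}),
    ("2024-01-10T09:01:00", "brivo-lobby", "auth_failure", {"user": "admin"}),
    ("2024-01-10T09:01:10", "brivo-lobby", "auth_failure", {"user": "admin"}),
    ("2024-01-10T09:01:20", "brivo-lobby", "auth_failure", {"user": "admin"}),
    ("2024-01-10T09:01:30", "brivo-lobby", "auth_failure", {"user": "admin"}),
    ("2024-01-10T09:01:40", "brivo-lobby", "auth_failure", {"user": "admin"}),
    ("2024-01-10T09:02:30", "brivo-lobby", "outbound_connection", {"dst": "198.51.100.23"}),
    ("2024-01-10T09:03:00", "brivo-lobby", "system_reboot", {"scheduled": False}),
    ("2024-01-10T08:50:00", "camera-nvr", "command_execution", {"detail": "cron job"}),
    ("2024-01-10T09:30:00", "brivo-dock", "system_reboot", {"scheduled": True}),
    # five failures spread over eight minutes: never five inside one window
    ("2024-01-10T10:00:00", "brivo-dock", "auth_failure", {"user": "admin"}),
    ("2024-01-10T10:02:00", "brivo-dock", "auth_failure", {"user": "admin"}),
    ("2024-01-10T10:04:00", "brivo-dock", "auth_failure", {"user": "admin"}),
    ("2024-01-10T10:06:00", "brivo-dock", "auth_failure", {"user": "admin"}),
    ("2024-01-10T10:08:00", "brivo-dock", "auth_failure", {"user": "admin"}),
]
SAMPLE_EVENTS = [dict(ts=ts, source=src, event_type=kind, **extra) for ts, src, kind, extra in RAW]


def matches_siem_query(event):
    """Python equivalent of the SIEM query above:
    source="brivo*" AND (event_type="command_execution" OR event_type="system_reboot")."""
    return (event["source"].startswith("brivo")
            and event["event_type"] in {"command_execution", "system_reboot"})


def detect(events):
    """Return (device, indicator, detail) alerts in time order."""
    alerts = []
    recent_failures = defaultdict(list)  # device -> failure timestamps inside the window
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if not e["source"].startswith("brivo"):
            continue  # the indicators concern the access-control devices only
        ts = datetime.fromisoformat(e["ts"])
        kind = e["event_type"]
        if kind == "command_execution":
            alerts.append((e["source"], "command_execution", e.get("detail", "")))
        elif kind == "system_reboot" and not e.get("scheduled", False):
            alerts.append((e["source"], "unexpected_reboot", ""))
        elif kind == "auth_failure":
            window = recent_failures[e["source"]]
            window.append(ts)
            while ts - window[0] > FAILED_AUTH_WINDOW:
                window.pop(0)  # slide the window forward
            if len(window) == FAILED_AUTH_THRESHOLD:  # fire once, on the Nth failure
                alerts.append((e["source"], "auth_failure_burst",
                               f"{len(window)} failures within {FAILED_AUTH_WINDOW}"))
        elif kind == "outbound_connection" and e["dst"] not in EXPECTED_PEERS:
            alerts.append((e["source"], "unexpected_outbound", e["dst"]))
    return alerts


if __name__ == "__main__":
    for device, indicator, detail in detect(SAMPLE_EVENTS):
        print(f"{device}: {indicator} {detail}".rstrip())
```

On the constructed batch, brivo-lobby raises all four indicators in sequence (failed-auth burst, command execution, outbound connection to an unexpected host, unscheduled reboot), while brivo-dock's scheduled reboot and its slow trickle of failures stay quiet; the scheduled flag and the sliding window are what keep routine maintenance from drowning the real signal.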

🔗 References
