CVE-2023-53741 PUBLISHED

Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management

Assigner: VulnCheck
Reserved: 07.12.2025 Published: 10.12.2025 Updated: 18.12.2025

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
CVSS Score: 5.1

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	Low	Confidentiality	Low
Attack Complexity	Low	Integrity	Low	Integrity	Low
Attack Requirements	None	Availability	None	Availability	None
Privileges Required	Low
User Interaction	Passive

CVSS 4.0

Product Status

Vendor	DB Elettronica Telecomunicazioni SpA
Product	Screen SFT DAB Series - Compact Radio DAB Transmitter
Versions	Default: unaffected Version 1.9.3 is affected

CVE-2023-53741 PUBLISHED

Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management

Metrics

Product Status

Credits

References

Problem Types