← Advisories

Screen SFT DAB 600/C Authentication Bypass Admin Password Change Exploit

High
Advisory ID
ZSL-2023-5774
Release Date
13 May 2023
Vendor
DB Elettronica Telecomunicazioni SpA - https://www.screen.it, https://www.dbbroadcast.com
Affected Version
Firmware: 1.9.3, Bios firmware: 7.1 (Apr 19 2021), Gui: 2.46, FPGA: 169.55, uc: 6.15
CVE
CVE-2023-53967
Tested On
Keil-EWEB/2.1, MontaVista® Linux® Carrier Grade eXpress (CGX)
Summary

Screen's new radio DAB Transmitter is reaching the highest technology level in both Digital Signal Processing and RF domain. SFT DAB Series - Compact Radio DAB Transmitter - Air. Thanks to the digital adaptive precorrection and configuatio flexibility, the Hot Swap System technology, the compactness and the smart system design, the SFT DAB are advanced transmitters. They support standards DAB, DAB+ and T-DMB and are compatible with major headend brands.

Description

This exploit circumvents the control and requirement of admin's old password and directly changes the password.

Proof of Concept
screen_masterpwd.pyTXT
Disclosure Timeline
19.03.2023Vulnerability discovered.
20.03.2023Vendor contacted.
12.05.2023No response from the vendor.
13.05.2023Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]https://www.zeroscience.mk/#/advisories/ZSL-2023-5776
[2]https://www.zeroscience.mk/#/advisories/ZSL-2023-5772
[3]https://www.exploit-db.com/exploits/51458
[4]https://packetstormsecurity.com/files/172329
[5]https://cxsecurity.com/issue/WLB-2023050074
[6]https://www.cve.org/CVERecord?id=CVE-2023-53967
Changelog
13.05.2023Initial release
12.10.2023Added reference [3], [4] and [5]
21.03.2026Added reference [6]