{"uuid": "578f0c33-2906-4592-91e8-e8ddd0bde3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40661", "type": "seen", "source": "https://t.me/arpsyndicate/354", "content": "#ExploitObserverAlert\n\nCVE-2023-40661\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-40661. Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow  compromise key generation, certificate loading, and other card management operations during enrollment.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 0.5", "creation_timestamp": "2023-11-22T15:46:24.000000Z"}