Main Vulnerability Database Vulnerabilities #VU82929

Files or Directories Accessible to External Parties in Telit products - CVE-2023-47612

Published: November 9, 2023

Vulnerability identifier: #VU82929

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-47612

CWE-ID: CWE-552

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
BGS5
EHS5
EHS6
EHS8
PDS5
PDS6
PDS8
ELS61
ELS81
PLS62

Software vendor:
Telit

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to files or directories accessible to external parties. An attacker with physical access can obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-23-018-telit-cinterion-thales-gemalto-modules-buffer-copy-without-checking-size-of-input-vulnerability/

Files or Directories Accessible to External Parties in Telit products - CVE-2023-47612

Description

Remediation

External links

Please verify you're human