Files or Directories Accessible to External Parties in Telit products - CVE-2023-47612

 

Files or Directories Accessible to External Parties in Telit products - CVE-2023-47612

Published: November 9, 2023


Vulnerability identifier: #VU82929
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-47612
CWE-ID: CWE-552
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Telit
Affected software:
BGS5
EHS5
EHS6
EHS8
PDS5
PDS6
PDS8
ELS61
ELS81
PLS62

Detailed vulnerability description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to files or directories accessible to external parties. An attacker with physical access can obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.


How to mitigate CVE-2023-47612

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources