Information disclosure in Telit products - CVE-2023-47616
Published: November 9, 2023
Vulnerability identifier: #VU82934
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-47616
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Telit
Affected software:
BGS5
EHS5
EHS6
EHS8
PDS5
PDS6
PDS8
ELS61
ELS81
PLS62
BGS5
EHS5
EHS6
EHS8
PDS5
PDS6
PDS8
ELS61
ELS81
PLS62
Detailed vulnerability description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. An attacker with physical access can gain unauthorized access to sensitive information on the system.
How to mitigate CVE-2023-47616
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.