CVE-2023-47612

EUVD-2023-51723
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
KasperskyCNA
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
telitbgs5_firmware
-
telitehs5_firmware
-
telitehs6_firmware
-
telitehs8_firmware
-
telitpds5_firmware
-
telitpds6_firmware
-
telitpds8_firmware
-
telitels61_firmware
-
telitels81_firmware
-
telitpls62_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/
https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/