CVE-2023-47612

MEDIUM

6.8

Descripcion

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.

Detalles CVE

Puntuacion CVSS v3.16.8

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataquePHYSICAL

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado11/9/2023

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

telit:bgs5telit:bgs5_firmwaretelit:ehs5telit:ehs5_firmwaretelit:ehs6telit:ehs6_firmwaretelit:ehs8telit:ehs8_firmwaretelit:els61telit:els61_firmwaretelit:els81telit:els81_firmwaretelit:pds5telit:pds5_firmwaretelit:pds6telit:pds6_firmwaretelit:pds8telit:pds8_firmwaretelit:pls62telit:pls62_firmware

Debilidades (CWE)

CWE-552CWE-552

Referencias

https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-194-telit-cinterion-thales-gemalto-modules-files-or-directories-accessible-to-external-parties-vulnerability/(vulnerability@kaspersky.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.