CVE-2023-47616

LOW

2.4

Beschreibung

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.

CVE Details

CVSS v3.1 Bewertung2.4

SchweregradLOW

CVSS VektorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AngriffsvektorPHYSICAL

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht11/9/2023

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

telit:bgs5telit:bgs5_firmwaretelit:ehs5telit:ehs5_firmwaretelit:ehs6telit:ehs6_firmwaretelit:ehs8telit:ehs8_firmwaretelit:els61telit:els61_firmwaretelit:els81telit:els81_firmwaretelit:pds5telit:pds5_firmwaretelit:pds6telit:pds6_firmwaretelit:pds8telit:pds8_firmwaretelit:pls62telit:pls62_firmware

Schwachen (CWE)

CWE-200

Referenzen

https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor/(vulnerability@kaspersky.com)

https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor/(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.