TROYANOSYVIRUS
Retour aux CVEs

CVE-2023-47615

LOW
3.3

Description

A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.

Details CVE

Score CVSS v3.13.3
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie11/9/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

telit:bgs5telit:bgs5_firmwaretelit:ehs5telit:ehs5_firmwaretelit:ehs6telit:ehs6_firmwaretelit:ehs8telit:ehs8_firmwaretelit:els61telit:els61_firmwaretelit:els81telit:els81_firmwaretelit:pds5telit:pds5_firmwaretelit:pds6telit:pds6_firmwaretelit:pds8telit:pds8_firmwaretelit:pls62telit:pls62_firmware

Faiblesses (CWE)

CWE-526

References

https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-212-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-through-environmental-variables/(vulnerability@kaspersky.com)
https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-212-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-through-environmental-variables/(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.