CVE-2023-47614

The CVE-2023-47614 entry describes a local, low-privilege information disclosure vulnerability affecting Telit Cinterion BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62 modules. Root cause: exposure of hidden virtual paths and file names due to a CWE-200-style flaw. Impact is limited to information...

Security Vulnerabilities in Various Telit Products

Telit Cinterion BGS5 and so on are products of Telit Communications Telit.Telit Cinterion BGS5 is a mobile communication module.Telit Cinterion EHS5/6/8 and so on are products of Telit Cinterion.Telit Cinterion EHS5/6/8 is an edge device module.Telit Cinterion PDS5/6/8 is an edge device...

CVE-2023-47610

Summary of CVE-2023-47610 : A heap-based buffer overflow in the SMS handling path of Telit Cinterion modems (notably EHS5/6/8, with related references to BGS5 and PDS5/6/8 in PT-2023-9100) could allow a remote, unauthenticated attacker to execute arbitrary code on the target via a specially craft...

CVE-2023-47613

CVE-2023-47613 describes a Relative Path Traversal in Telit Cinterion modems: BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62. The vulnerability could allow a local, low-privileged attacker to escape from virtual directories and obtain read/write access to protected files on the targeted system. Th...

CVE-2020-15858

Some devices of Thales DIS formerly Gemalto, formerly Cinterion allow Directory Traversal by physically proximate attackers. The directory path access check of the internal flash file system can be circumvented. This flash file system can store application-specific data and data needed for custom...

CVE-2020-15858

Some devices of Thales DIS formerly Gemalto, formerly Cinterion allow Directory Traversal by physically proximate attackers. The directory path access check of the internal flash file system can be circumvented. This flash file system can store application-specific data and data needed for custom...