CVE-2023-47614

The CVE-2023-47614 entry describes a local, low-privilege information disclosure vulnerability affecting Telit Cinterion BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62 modules. Root cause: exposure of hidden virtual paths and file names due to a CWE-200-style flaw. Impact is limited to information...

Security Vulnerabilities in Various Telit Products

Telit Cinterion BGS5 and so on are products of Telit Communications Telit.Telit Cinterion BGS5 is a mobile communication module.Telit Cinterion EHS5/6/8 and so on are products of Telit Cinterion.Telit Cinterion EHS5/6/8 is an edge device module.Telit Cinterion PDS5/6/8 is an edge device...

CVE-2023-47610

Summary of CVE-2023-47610 : A heap-based buffer overflow in the SMS handling path of Telit Cinterion modems (notably EHS5/6/8, with related references to BGS5 and PDS5/6/8 in PT-2023-9100) could allow a remote, unauthenticated attacker to execute arbitrary code on the target via a specially craft...

Design/Logic Flaw

A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a...

CVE-2023-47615

A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a...

CVE-2023-47616

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get...

CVE-2023-47616

CVE-2023-47616 affects Telit Cinterion modules (BGS5; EHS5/6/8; PDS5/6/8; ELS61/81; PLS62) with a CWE-200 exposure of sensitive information to an unauthorized actor. The described risk requires physical access to disclose data on the wireless modem module, with no explicit exploit details in the ...

CVE-2023-47616

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get...

CVE-2023-47612

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a...

CVE-2023-47613

CVE-2023-47613 describes a Relative Path Traversal in Telit Cinterion modems: BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62. The vulnerability could allow a local, low-privileged attacker to escape from virtual directories and obtain read/write access to protected files on the targeted system. Th...