7 matches found
CVE-2023-47611
CVE-2023-47611 affects Telit Cinterion BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62 modules. It stems from improper privilege management (CWE-269) that could let a local, low-privileged attacker elevate to the manufacturer level. Affected models are confirmed in multiple sources; the initial des...
CVE-2023-47613
CVE-2023-47613 describes a Relative Path Traversal in Telit Cinterion modems: BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62. The vulnerability could allow a local, low-privileged attacker to escape from virtual directories and obtain read/write access to protected files on the targeted system. Th...
CVE-2023-47610
Summary of CVE-2023-47610 : A heap-based buffer overflow in the SMS handling path of Telit Cinterion modems (notably EHS5/6/8, with related references to BGS5 and PDS5/6/8 in PT-2023-9100) could allow a remote, unauthenticated attacker to execute arbitrary code on the target via a specially craft...
CVE-2023-47614
The CVE-2023-47614 entry describes a local, low-privilege information disclosure vulnerability affecting Telit Cinterion BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62 modules. Root cause: exposure of hidden virtual paths and file names due to a CWE-200-style flaw. Impact is limited to information...
CVE-2023-47612
Telit Cinterion modules (BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, PLS62) have a CWE-552 vulnerability allowing a physically present attacker to obtain read/write access to any files/directories, including hidden ones. Root cause: Files or Directories Accessible to External Parties. Exploitation status...
CVE-2023-47615
CVE-2023-47615 affects Telit Cinterion BGS5, EHS5/6/8, PDS5/6/8, ELS61/81, and PLS62. The issue is described as an Exposure of Sensitive Information Through Environmental Variables (EIV). TheccvE states a local, low-privileged attacker could access sensitive data on the targeted system. The provi...
CVE-2023-47616
CVE-2023-47616 affects Telit Cinterion modules (BGS5; EHS5/6/8; PDS5/6/8; ELS61/81; PLS62) with a CWE-200 exposure of sensitive information to an unauthorized actor. The described risk requires physical access to disclose data on the wireless modem module, with no explicit exploit details in the ...