Lucene search

K
vulnrichmentKasperskyVULNRICHMENT:CVE-2023-47612
HistoryNov 09, 2023 - 12:07 p.m.

CVE-2023-47612

2023-11-0912:07:54
CWE-552
Kaspersky
github.com
telit
cinterion
bgs5
ehs5
pds5
els61
pls62
vulnerability
accessible
external
parties
read/write
files
directories

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:bgs5:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "bgs5",
    "versions": [
      {
        "status": "affected",
        "version": "bgs5"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:ehs5:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "ehs5",
    "versions": [
      {
        "status": "affected",
        "version": "ehs5"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:ehs6:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "ehs6",
    "versions": [
      {
        "status": "affected",
        "version": "ehs6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:ehs8:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "ehs8",
    "versions": [
      {
        "status": "affected",
        "version": "ehs8"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:pds5:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "pds5",
    "versions": [
      {
        "status": "affected",
        "version": "pds5"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:pds6:pds6:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "pds6",
    "versions": [
      {
        "status": "affected",
        "version": "pds6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:pds8:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "pds8",
    "versions": [
      {
        "status": "affected",
        "version": "pds8"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:els61:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "els61",
    "versions": [
      {
        "status": "affected",
        "version": "els61"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:els81:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "els81",
    "versions": [
      {
        "status": "affected",
        "version": "els81"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:telit_cinterion:pls62:*:*:*:*:*:*:*:*"
    ],
    "vendor": "telit_cinterion",
    "product": "pls62",
    "versions": [
      {
        "status": "affected",
        "version": "pls62"
      }
    ],
    "defaultStatus": "unknown"
  }
]

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Related for VULNRICHMENT:CVE-2023-47612