A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vulnerability@kaspersky.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| vulnerability@kaspersky.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vulnerability@kaspersky.com | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vulnerability@kaspersky.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| vulnerability@kaspersky.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| vulnerability@kaspersky.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vulnerability@kaspersky.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| telit | ehs8_firmware | - |
| telit | pds5_firmware | - |
| telit | ehs5_firmware | - |
| telit | pds6_firmware | - |
| telit | ehs6_firmware | - |
| telit | els81_firmware | - |
| telit | bgs5_firmware | - |
| telit | pds8_firmware | - |
| telit | els61_firmware | - |
| telit | pls62_firmware | - |