MidnightBSD

Advisories for telit

CVE-2023-47610

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@kaspersky.com 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47611

A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
vulnerability@kaspersky.com 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47612

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@kaspersky.com 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.9 5.2

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47613

A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@kaspersky.com 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 1.8 2.5
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 1.8 5.2

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47614

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4
vulnerability@kaspersky.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47615

A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
vulnerability@kaspersky.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 1.8 1.4

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -
CVE-2023-47616

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
vulnerability@kaspersky.com 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 0.9 1.4
nvd@nist.gov 4.6 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.9 3.6

Products Affected

Vendor Product Version
telit ehs8_firmware -
telit pds5_firmware -
telit ehs5_firmware -
telit pds6_firmware -
telit ehs6_firmware -
telit els81_firmware -
telit bgs5_firmware -
telit pds8_firmware -
telit els61_firmware -
telit pls62_firmware -