CVE-2023-47616

Description

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.

Remediation

Workaround:

Control physical access to the device at all stages of transportation to protect against the embedding of backdoors.

References

Link	Tags
https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor/	third party advisory

Frequently Asked Questions

What is the severity of CVE-2023-47616?: CVE-2023-47616 has been scored as a low severity vulnerability.
How to fix CVE-2023-47616?: As a workaround for remediating CVE-2023-47616: Control physical access to the device at all stages of transportation to protect against the embedding of backdoors.
Is CVE-2023-47616 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-47616 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-47616?: CVE-2023-47616 affects Telit Cinterion BGS5, Telit Cinterion EHS5, Telit Cinterion EHS6, Telit Cinterion EHS8, Telit Cinterion PDS5, Telit Cinterion PDS6, Telit Cinterion PDS8, Telit Cinterion ELS61, Telit Cinterion ELS81, Telit Cinterion PLS62.

Description

Remediation

Category

CWE-200 – Exposure of Sensitive Information to an Unauthorized Actor

References

Frequently Asked Questions