CVE-2023-47616
low-risk
Published 2023-11-09
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.
Do I need to act?
-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.4/10
Low
PHYSICAL
/ LOW complexity
Affected Products (10)
Bgs5 Firmware
Ehs5 Firmware
Ehs6 Firmware
Ehs8 Firmware
Pds5 Firmware
Pds6 Firmware
Pds8 Firmware
Els61 Firmware
Els81 Firmware
Pls62 Firmware
Affected Vendors
References (2)
Third Party Advisory
https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinteri...
Third Party Advisory
https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinteri...
26
/ 100
low-risk
Severity
10/34 · Low
Exploitability
0/34 · Minimal
Exposure
16/34 · Moderate