CVE-2023-47616

LOW

Telit Cinterion BGS5 EHS5/6/8 PDS5/6/8 ELS61/81 PLS62 - Exposure of Sensitive Information via Physical Access

Title source: llm

Description

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.

References (1)

Core 1

Core References

Third Party Advisory third-party-advisory

https://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor/

Scores

CVSS v3 2.4

EPSS 0.0030

EPSS Percentile 21.3%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (10)

telit/bgs5_firmware

telit/ehs5_firmware

telit/ehs6_firmware

telit/ehs8_firmware

telit/els61_firmware

telit/els81_firmware

telit/pds5_firmware

telit/pds6_firmware

telit/pds8_firmware

telit/pls62_firmware

Published Nov 09, 2023

Tracked Since Feb 18, 2026