Product:

Ehs8_firmware

(Telit)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2023-11-09 CVE-2023-47610 A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 9.8
2023-11-09 CVE-2023-47613 A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 7.1
2023-11-09 CVE-2023-47612 A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 6.1
2023-11-09 CVE-2023-47615 A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 5.5
2023-11-09 CVE-2023-47616 A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 4.6
2023-11-10 CVE-2023-47614 A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 3.3
2023-11-10 CVE-2023-47611 A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system. Bgs5_firmware, Ehs5_firmware, Ehs6_firmware, Ehs8_firmware, Els61_firmware, Els81_firmware, Pds5_firmware, Pds6_firmware, Pds8_firmware, Pls62_firmware 7.8