CVE-2023-47613 MEDIUM

CVE-2023-47613

Vendor Telit Cinterion

Product BGS5

Weakness CWE-23

Published November 9, 2023

Last update September 3, 2024

View on NVD All CVEs

CVSS base score

4.4/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system.

Key dates

02Disclosure timeline

November 9, 2023 CVE published

September 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-47613

Related vulnerabilities

Identifiers

CVE CVE-2023-47613

CWE CWE-23

CVSS 4.4 / MEDIUM

Affected versions

Vendor Telit Cinterion

Product BGS5

Affected All versions

Vendor Telit Cinterion

Product EHS5

Affected All versions

Vendor Telit Cinterion

Product EHS6

Affected All versions

Vendor Telit Cinterion

Product EHS8

Affected All versions

Vendor Telit Cinterion

Product PDS5

Affected All versions

Vendor Telit Cinterion

Product PDS6

Affected All versions

Vendor Telit Cinterion

Product PDS8

Affected All versions

Vendor Telit Cinterion

Product ELS61

Affected All versions

Vendor Telit Cinterion

Product ELS81

Affected All versions

Vendor Telit Cinterion

Product PLS62

Affected All versions

CVE-2023-47613

01Description

02Disclosure timeline

03References

04Related CVE