CVE-2023-47610

Published Nov 9, 2023

Last updated 4 months ago

CVSS critical 9.8

Overview

Description: A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.
Source: vulnerability@kaspersky.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

nvd@nist.gov: CWE-120
vulnerability@kaspersky.com: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:bgs5_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "236A82FB-6772-43F5-BFE5-378A6F740A25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:bgs5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ACE7A300-7A40-49FB-95A3-4F75796A6DB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:ehs5_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C33F8018-2AA2-4AA2-B97A-FB848F5D1C06"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:ehs5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E937F19-944A-4D76-AF25-488FD30FABBB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:ehs6_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEA2FCCD-752B-4DAB-8353-EF1B35AB143F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:ehs6:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57219468-C424-43D0-98C0-A85A250AB733"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:ehs8_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C74BE72-65CB-4DF3-8AE3-EBCFCD640BFD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:ehs8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "691F7CF3-B36D-4440-A8A8-A4863FD5E828"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:pds5_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1969DA7-72FC-4981-A3D5-A7919AA5D774"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:pds5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F563DF9-B922-4FCF-8078-EA354F0ED5B5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:pds6_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70E71C87-3011-43DB-ADB0-A926C7A8E87A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:pds6:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB6E32F2-2723-43B9-A730-22BCF9D420B0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:pds8_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1418767F-34D5-41A0-82BB-BBA7575DD21D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:pds8:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6F08EFD2-855A-498D-B88E-59414317BBFC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:els61_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B580262-9CF7-4FE4-99E6-F3486A498F10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:els61:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DEEA5EE5-4F4A-4684-A15E-13AD8D553D3B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:els81_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAAC546F-9F47-4AFC-93EF-9261BFCE9ECB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:els81:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE8E98E9-4BB6-48E5-89ED-420653101A2C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:telit:pls62_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4647F52-2F3E-45F3-BD84-B54950A06AC8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:telit:pls62:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF3DBFD6-1C3D-4A8B-B458-E85DE4AF86BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References