Full Report
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to get access to a sensitive data on the targeted system.
Analysis Summary
# Vulnerability: Sensitive Data Exposure in Telit Cinterion Modules (Physical Access Required)
## CVE Details
- CVE ID: CVE-2023-47616
- CVSS Score: 0.0 (None) - *Note: CVSS v3.1 calculates to 0.0 due to the highly constrained attack vector (Physical access).*
- CWE: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
## Affected Systems
- Products:
- Telit Cinterion BGS5
- Telit Cinterion EHS5/6/8
- Telit Cinterion PDS5/6/8
- Telit Cinterion ELS61/81
- Telit Cinterion PLS62
- Versions: All versions for the listed products.
- Configurations: Physical access to the target system is required.
## Vulnerability Description
A weakness classified as CWE-200 exists in several Telit Cinterion cellular modules. This vulnerability allows an attacker who has gained physical access to the target device to potentially access sensitive data stored on that system.
## Exploitation
- Status: Information regarding active exploitation in the wild is not provided; treated as unconfirmed/not exploited.
- Complexity: Low (Assuming physical access is gained).
- Attack Vector: Physical
## Impact
- Confidentiality: Low (Exposure of sensitive data)
- Integrity: None
- Availability: None
## Remediation
### Patches
- No specific patch versions or advisory links were provided in the source text. Users must consult the vendor (Telit Cinterion) advisories for patch information.
### Workarounds
- Control physical access to the device at all stages of transportation and operation to prevent unauthorized physical interaction and the potential embedding of backdoors.
## Detection
- Detection methods focus primarily on physical security monitoring, as the exploit requires physical access.
- Indicators of compromise would likely involve unauthorized physical tampering or evidence of data extraction attempts following physical access.
## References
- Vendor Advisory (Source): hxxps://ics-cert.kaspersky.com/advisories/2023/11/09/klcert-22-193-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor