Vulnerability Description
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Telit | Bgs5 Firmware | - |
| Telit | Bgs5 | - |
| Telit | Ehs5 Firmware | - |
| Telit | Ehs5 | - |
| Telit | Ehs6 Firmware | - |
| Telit | Ehs6 | - |
| Telit | Ehs8 Firmware | - |
| Telit | Ehs8 | - |
| Telit | Pds5 Firmware | - |
| Telit | Pds5 | - |
| Telit | Pds6 Firmware | - |
| Telit | Pds6 | - |
| Telit | Pds8 Firmware | - |
| Telit | Pds8 | - |
| Telit | Els61 Firmware | - |
| Telit | Els61 | - |
| Telit | Els81 Firmware | - |
| Telit | Els81 | - |
| Telit | Pls62 Firmware | - |
| Telit | Pls62 | - |
Related Weaknesses (CWE)
References
- https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-23-018-telit-cinteriThird Party Advisory
- https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-23-018-telit-cinteriThird Party Advisory
FAQ
What is CVE-2023-47610?
CVE-2023-47610 is a vulnerability with a CVSS score of 8.1 (HIGH). A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted syst...
How severe is CVE-2023-47610?
CVE-2023-47610 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-47610?
Check the references section above for vendor advisories and patch information. Affected products include: Telit Bgs5 Firmware, Telit Bgs5, Telit Ehs5 Firmware, Telit Ehs5, Telit Ehs6 Firmware.