Headline

CVE-2023-47611: KLCERT-22-216: Telit Cinterion (Thales/Gemalto) modules. Improper Privilege Management vulnerability | Kaspersky ICS CERT

A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to “manufacturer” level on the targeted system.

12 months ago

CVE

Open in Source

#vulnerability #backdoor

CVE

2023-47611
KLCERT

KLCERT-22-216

Sergey Anufrienko, Vulnerability Research Group Manager, Kaspersky ICS CERT

Alexander Kozlov, Kaspersky

Timeline

Kaspersky ICS CERT advisory published

08 November 2023
Vulnerability reported

February 2023

Description

Impact

Successful exploitation of this vulnerability could allow a local, low privileged attacker to elevate privileges to “manufacturer” level on the targeted system.

Affected products

The following Telit products:

Telit Cinterion BGS5 (All versions before RN 2.000, ARN 01.001.08)
Telit Cinterion EHS5 (All versions before RN 4.013, ARN 01.000.06)
Telit Cinterion EHS6 Rel.2 (All versions before RN 2.000, ARN 00.000.20)
Telit Cinterion EHS6 Rel.3 (All versions before RN 3.001, ARN 00.000.49)
Telit Cinterion EHS6 Rel.4 (All versions before RN 4.013, ARN 01.000.06)
Telit Cinterion EHS8 (All versions before RN 3.011, ARN 00.000.60)
Telit Cinterion EHS8 Rel.4 (All versions before RN 4.013, ARN 01.000.06)
Telit Cinterion ELS61-AUS REL.1 (All versions before RN 1.004, ARN 00.006.01)
Telit Cinterion ELS61-AUS Rel.1 MR (All versions before RN 1.005, ARN 00.005.01)
Telit Cinterion ELS61-E REL.1 (All versions before RN 1.000, ARN 00.030.01)
Telit Cinterion ELS61-E Rel.1 MR (All versions before RN 1.000, ARN 00.032.02)
Telit Cinterion ELS61-E Rel.2 (All versions before RN 2.000, ARN 01.000.03)
Telit Cinterion ELS61-E2 REL.1 (All versions before RN 1.000, ARN 00.026.01)
Telit Cinterion ELS61-E2 Rel.1 MR (All versions before RN 1.000, ARN 00.032.02)
Telit Cinterion ELS61-US Rel.1 MR (All versions before RN 1.01, ARN 00.028.01)
Telit Cinterion ELS61-US REL.2 (All versions before RN 2.012, ARN 01.000.05)
Telit Cinterion ELS81-E Rel.1 (All versions before RN 4.000, ARN 01.000.05)
Telit Cinterion ELS81-E Rel.1.1 (All versions before RN 5.001, ARN 01.000.04)
Telit Cinterion ELS81-US Rel.1.1 (All versions before RN 5.012, ARN 01.000.05)
Telit Cinterion PDS5-E Rel.1 (All versions before RN 3.001, ARN 00.000.32)
Telit Cinterion PDS5-E Rel.4 (All versions before RN 4.013, ARN 01.000.06)
Telit Cinterion PDS6 (All versions)
Telit Cinterion PDS8 (All versions)
Telit Cinterion PLS62-W (All versions)
Telit Cinterion PLS62-W Rel.1 (All versions before RN 4.013, ARN 01.000.06).

Mitigation

Kaspersky ICS CERT mitigation

Enforce application signature verification to prohibit the installation of untrusted MIDlets on the device;
Control physical access to the device at all stages of transportation to protect against the embedding of backdoors.

Kaspersky publishes information on newly identified vulnerabilities in order to raise user awareness of the IT security threats detected. Kaspersky does not make any guarantees with respect to information received from vendors of products in which vulnerabilities have been identified, which is included in the following sections of the advisory: Affected Products, Vendor Mitigation.

Timeline

Kaspersky ICS CERT advisory published

08 November 2023
Vulnerability reported

February 2023

By Waqas Millions of IoT and industrial devices at risk! Critical vulnerabilities in Cinterion cellular modems allow remote attackers to take control. This is a post from HackRead.com Read the original post: Cinterion Modem Vulnerabilities Leave IoT and Industrial Networks Exposed

6 months ago

HackRead

Open in Source

#vulnerability #google #git #java #wordpress #aws #asus #auth