Search by:
09 November 2023
KLCERT-22-212: Telit Cinterion (Thales/Gemalto) modules. Exposure of Sensitive Information Through Environmental Variables
Vendor
Telit Cinterion
CVE
KLCERT
KLCERT-22-212
Timeline
Timeline
Kaspersky ICS CERT advisory published
09 November 2023
Vulnerability reported
February 2023
A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to get access to a sensitive data on the targeted system.
CVSS v3
Exploitability
Locally
Integrity
None
Availability
None
Affected products
The following Telit products:
Mitigation
Kaspersky ICS CERT mitigation
Kaspersky publishes information on newly identified vulnerabilities in order to raise user awareness of the IT security threats detected. Kaspersky does not make any guarantees with respect to information received from vendors of products in which vulnerabilities have been identified, which is included in the following sections of the advisory: Affected Products, Vendor Mitigation.
Timeline
Kaspersky ICS CERT advisory published
09 November 2023
Vulnerability reported
February 2023