08 November 2023

KLCERT-23-018: Telit Cinterion (Thales/Gemalto) modules. Buffer Copy without Checking Size of Input vulnerability

Vendor

Telit Cinterion

Researchers

Sergey Anufrienko, Vulnerability Research Group Manager, Kaspersky ICS CERT

Alexander Kozlov, Kaspersky

Timeline

Timeline

  • Kaspersky ICS CERT advisory updated

    22 July 2024

  • Kaspersky ICS CERT advisory published

    08 November 2023

  • Vulnerability reported

    February 2023

Description

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.


Exploitability

Remotely

Attack complexity

High

User interaction

None

Confidentiality

High

Integrity

High

Availability

High

Impact

Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system.

Affected products

The following Telit products:

  • Telit Cinterion EHS5/6/8 (All versions)

Mitigation

Kaspersky ICS CERT mitigation

  • Contact the mobile operator to disable the sending of SMS messages to the device.
  • Use private APN with carefully configured security settings to limit impact of any potential exploit. Review the current security configuration in setups that already use private APN.

Kaspersky publishes information on newly identified vulnerabilities in order to raise user awareness of the IT security threats detected. Kaspersky does not make any guarantees with respect to information received from vendors of products in which vulnerabilities have been identified, which is included in the following sections of the advisory: Affected Products, Vendor Mitigation.

Timeline

  • Kaspersky ICS CERT advisory updated

    22 July 2024

  • Kaspersky ICS CERT advisory published

    08 November 2023

  • Vulnerability reported

    February 2023