PatchSiren cyber security CVE debrief
CVE-2023-47616 Telit Cinterion CVE debrief
CVE-2023-47616 is a medium-severity information disclosure issue affecting ABB Arctic Wireless Gateways ARG600, ARC600, and ARR600 with Telit PLS62-W wireless modem modules. CISA and ABB state that an attacker with physical access to the target system may be able to access sensitive data on the wireless modem module.
- Vendor
- Telit Cinterion
- Product
- Arctic Wireless Gateways
- CVSS
- MEDIUM 4.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-04-07
- Original CVE updated
- 2025-04-07
- Advisory published
- 2025-04-07
- Advisory updated
- 2025-04-07
Who should care
Operators, maintainers, and security teams responsible for ABB Arctic Wireless Gateways ARG600/ARC600/ARR600, especially deployments where the device may be physically reachable or where the modem/SMS/SSH management paths are in use.
Technical summary
The supplied advisory describes an exposure of sensitive information to an unauthorized actor with attack vector AV:P, meaning physical access is required. The CVSS vector is CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating high confidentiality impact but no integrity or availability impact. Affected products are the ABB Arctic Wireless Gateway ARG600, ARC600, and ARR600 with Telit PLS62-W wireless modem modules. The advisory emphasizes compensating controls: obtain a private cellular access point, request disabling binary SMS, prefer OpenVPN for remote access, do not expose SSH to public networks, and restrict physical access.
Defensive priority
Medium priority. The issue is publicly disclosed and affects confidentiality, but it requires physical access and is not marked as KEV in the supplied data. Prioritize devices in accessible field locations and systems that expose SSH or cellular management paths.
Recommended defensive actions
- Restrict physical access to the gateway and its modem module.
- Keep SSH closed to public networks; use a private network or OpenVPN tunnel for remote administration.
- Ask the mobile network operator to disable binary SMS for the subscription, or disable SMS services entirely if they are not needed.
- Consider obtaining a private cellular access point to reduce exposure.
- Review ABB guidance and apply the source-referenced general security recommendations for industrial control systems.
Evidence notes
The source advisory is CISA ICSA-25-100-09, published 2025-04-07 with initial revision 1.0.0. It lists ABB as vendor and the affected products as Arctic Wireless Gateway ARG600, ARC600, and ARR600 with Telit PLS62-W wireless modem modules. The advisory text explicitly states that an attacker with physical access could access sensitive data on the wireless modem module. The CVSS vector provided in the source is AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, and the supplied enrichment marks the issue as not in CISA KEV.
Official resources
-
CVE-2023-47616 CVE record
CVE.org
-
CVE-2023-47616 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed by CISA and ABB in advisory ICSA-25-100-09 on 2025-04-07 (initial version 1.0.0). The supplied enrichment does not mark CVE-2023-47616 as a CISA Known Exploited Vulnerability.