CVSS Score of 10 (low)


Published Jun 29, 2023
Updated: Jul 11, 2023


CVE-2023-35830, also known as STW TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and DeploymentPackage_v3.04r2-Jellyfish, and TCG-4lite Connectivity Module DeploymentPackage_v3.04r2-Jellyfish, is a vulnerability that allows an attacker to gain full remote access with root privileges without authentication on the affected products tz88vQ, tz88vM, tz88vN, tz88vO, and tz88vP. This vulnerability enables arbitrary remote code execution over LTE/4G networks via SMS, posing a high risk to organizations. The National Vulnerability Database (NVD) rates this vulnerability as critical with a base score of 9.8 out of 10 and highlights the high impact on integrity and confidentiality. Remediation measures need to be implemented promptly to mitigate the potential damage from this vulnerability.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35830 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options