HIGH🇬🇧 English

CVE-2019-13549

CVSS 7.5v3.1pub. 2019-10-25upd. 2024-11-21

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Carel Pcoweb Firmware

    OS
    Carel
    a1.5.3 – b1.2.4
  • Rittal Chiller Sk 3232

    HW
    Rittal
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-13553CRITICAL9.8ten sam produkt

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentic...

CVE-2024-47945CRITICAL9.8PL ✓ten sam vendor

Przewidywalne identyfikatory sesji w urządzeniach Rittal IoT Interface i CMC III

CVE-2022-34827CRITICAL9.9ten sam vendor

Carel Boss Mini 1.5.0 has Improper Access Control.

CVE-2020-11951CRITICAL9.8ten sam vendor

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices....

CVE-2020-11956CRITICAL9.8ten sam vendor

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices....