17 matches found
EUVD-2019-5008
Malware in sbrugna...
EUVD-2019-5004
Malware in sbrugna...
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely...
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely...
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely...
Authentication flaw
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
Hardcoded credentials
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely...
CVE-2019-13553
The CVE-2019-13553 entry describes a vulnerability in the Rittal Chiller SK 3232-Series web interface built on Carel pCOWeb firmware (A1.5.3–B1.2.4). The underlying issue is hard-coded credentials in the authentication mechanism, which could allow an attacker to influence core operations of the c...
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely...
CVE-2019-13549
CVE-2019-13549 affects the Rittal Chiller SK 3232-Series web interface built on Carel pCOWeb firmware A1.5.3–B1.2.4. The issue is improper access control: authentication does not sufficiently protect against unauthorized configuration changes, allowing modification of primary operations (turning ...
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
Rittal Chiller SK 3232-Series Improper Access Control Vulnerability
The Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal, Germany. An improper access control vulnerability in the web interface in the Rittal Chiller SK 3232-Series, which arises from an authentication mechanism that is not sufficiently protected to prevent unauthorized...
Rittal Chiller SK 3232-Series
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rittal Equipment: Rittal Chiller SK 3232-Series Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these...
Rittal Chiller ICSA-19-297-01 Authentication Bypass and Hardcoded Credentials Vulnerabilities
Description Rittal Chiller is prone to the following security vulnerabilities: 1. An authentication bypass vulnerability 2. A hard-coded credentials vulnerability An attacker can exploit these issues to bypass the authentication mechanism and gain unauthorized access to the affected device. This...