3 matches found
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on an...
CVE-2019-13549
CVE-2019-13549 affects the Rittal Chiller SK 3232-Series web interface built on Carel pCOWeb firmware A1.5.3–B1.2.4. The issue is improper access control: authentication does not sufficiently protect against unauthorized configuration changes, allowing modification of primary operations (turning ...
Rittal Chiller SK 3232-Series
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rittal Equipment: Rittal Chiller SK 3232-Series Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these...