5 matches found
CVE-2024-47943
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
CVE-2024-47943 Improper signature verification of firmware upgrade files
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
CVE-2024-47943
CVE-2024-47943 affects the Rittal IoT Interface & CMC III Processing Unit. The firmware upgrade feature does not properly verify patch signatures: the signing uses an HMAC-like mechanism with a hard-coded key, which is publicly available, allowing attackers to craft malicious signed .patch files ...
CVE-2024-47943 Improper signature verification of firmware upgrade files
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
Rittal IoT Interface & CMC III Processing Unit 安全漏洞
The Rittal IoT Interface & CMC III Processing Unit is a key component of Rittal Germany's Smart Networking of Sensors for monitoring physical environmental conditions. A security vulnerability exists in Rittal IoT Interface & CMC III Processing Unit versions prior to 6.21.00.2, which stems from a...