Back to search
CVE-2019-13553
Published: Oct 25, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point.
| Vendor | Product | Versions |
|---|---|---|
n/a | Rittal Chiller SK 3232-Series | affected Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4 |
Weaknesses (CWE)
References
https://www.us-cert.gov/ics/advisories/icsa-19-297-01
x_refsource_MISC
20191031 [RT-SA-2019-013] Unsafe Storage of Credentials in Carel pCOWeb HVAC
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now