CVE-2019-13553

Summary

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point.

Affected Software

VendorProductVersion RangeStatus
n/aRittal Chiller SK 3232-SeriesRittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4affected

Weaknesses

  • CWE-798: USE OF HARD-CODED CREDENTIALS CWE-798

ADP Enrichment

CVE Program Container

Additional References

References