CVE-2019-13553

CVE-2019-13553

Vendor N/A
Product Rittal Chiller SK 3232-Series
Weakness CWE-798 · Hardcoded credentials
Published October 25, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point.

Key dates

02Disclosure timeline

October 25, 2019 CVE published
August 4, 2024 Record updated