CVE-2024-47944

CVE-2024-47944: Missing Protection Mechanism for Alternate Hardware Interface

Vendor Rittal Gmbh & Co. Kg
Product IoT Interface & CMC III Processing Unit
Weakness CWE-1299
Published October 15, 2024
Last update November 3, 2025

CVSS base score

What the vulnerability does

01Description

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.

Key dates

02Disclosure timeline

October 15, 2024 CVE published
November 3, 2025 Record updated