Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-13553 | 2 Carel, Rittal | 2 Pcoweb Firmware, Chiller Sk 3232 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point. | |||||
CVE-2019-13549 | 2 Carel, Rittal | 2 Pcoweb Firmware, Chiller Sk 3232 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. |