Carel Pcoweb Firmware vulnerabilities
2 known vulnerabilities affecting carel/pcoweb_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-13553P2CRITICALCVSS 9.8≥ a1.5.3, ≤ b1.2.42019-10-25
CVE-2019-13553 [CRITICAL] CWE-798 CVE-2019-13553: Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the
nvd
CVE-2019-13549P3HIGHCVSS 7.5≥ a1.5.3, ≤ b1.2.42019-10-25
CVE-2019-13549 [HIGH] CWE-306 CVE-2019-13549: Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modi
nvd