cvelistv5 - CVE-2019-13549

CVE-2019-13549 (GCVE-0-2019-13549)

Vulnerability from cvelistv5 – Published: 2019-10-25 17:43 – Updated: 2024-08-04 23:57

Summary

Severity ?

No CVSS data available.

CWE

CWE-306 - MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306

Assigner

icscert

References

URL

Tags

	https://www.us-cert.gov/ics/advisories/icsa-19-297-01	x_refsource_MISC
	http://seclists.org/fulldisclosure/2019/Oct/46	mailing-listx_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	n/a	Rittal Chiller SK 3232-Series	Affected: Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:57:39.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
          },
          {
            "name": "20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Rittal Chiller SK 3232-Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-01T02:06:25",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
        },
        {
          "name": "20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-13549",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Rittal Chiller SK 3232-Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
            },
            {
              "name": "20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2019-13549",
    "datePublished": "2019-10-25T17:43:09",
    "dateReserved": "2019-07-11T00:00:00",
    "dateUpdated": "2024-08-04T23:57:39.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:carel:pcoweb_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"a1.5.3\", \"versionEndIncluding\": \"b1.2.4\", \"matchCriteriaId\": \"6B7B4C31-67E0-488A-9297-B8E8E158DC3E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rittal:chiller_sk_3232:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FAC3FD5-429B-48BF-B519-47CAD3E718C0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \\u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.\"}, {\"lang\": \"es\", \"value\": \"El Interfaz web Rittal Chiller SK 3232-Series seg\\u00fan el firmware Carel pCOWeb A1.5.3 - B1.2.4. El mecanismo de autenticaci\\u00f3n en los sistemas afectados no proporciona un nivel suficiente de protecci\\u00f3n contra cambios de configuraci\\u00f3n no autorizados. Las operaciones primarias, a saber, encender y apagar la unidad de enfriamiento y establecer el punto de ajuste de temperatura, se pueden modificar sin autenticaci\\u00f3n.\"}]",
      "id": "CVE-2019-13549",
      "lastModified": "2024-11-21T04:25:07.587",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-10-25T18:15:10.880",
      "references": "[{\"url\": \"http://seclists.org/fulldisclosure/2019/Oct/46\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"https://www.us-cert.gov/ics/advisories/icsa-19-297-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Oct/46\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.us-cert.gov/ics/advisories/icsa-19-297-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-13549\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2019-10-25T18:15:10.880\",\"lastModified\":\"2024-11-21T04:25:07.587\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.\"},{\"lang\":\"es\",\"value\":\"El Interfaz web Rittal Chiller SK 3232-Series seg\u00fan el firmware Carel pCOWeb A1.5.3 - B1.2.4. El mecanismo de autenticaci\u00f3n en los sistemas afectados no proporciona un nivel suficiente de protecci\u00f3n contra cambios de configuraci\u00f3n no autorizados. Las operaciones primarias, a saber, encender y apagar la unidad de enfriamiento y establecer el punto de ajuste de temperatura, se pueden modificar sin autenticaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:carel:pcoweb_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"a1.5.3\",\"versionEndIncluding\":\"b1.2.4\",\"matchCriteriaId\":\"6B7B4C31-67E0-488A-9297-B8E8E158DC3E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rittal:chiller_sk_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FAC3FD5-429B-48BF-B519-47CAD3E718C0\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2019/Oct/46\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-297-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Oct/46\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-297-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

CNVD-2019-38069

Vulnerability from cnvd - Published: 2019-10-30

Title

Rittal Chiller SK 3232-Series访问控制不当漏洞

Description

Rittal Chiller SK 3232-Series是德国威图（Rittal）公司的一款液体冷却设备。 Rittal Chiller SK 3232-Series中的Web接口存在访问控制不当漏洞，该漏洞源于身份验证机制未进行充分保护来阻止未授权的配置更改，在使用Carel pCOWeb（A1.5.3版本至B1.2.4版本固件）时，攻击者可利用该漏洞修改一些基本操作，例如打开或关闭制冷设备。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.rittal.com

Reference

https://www.us-cert.gov/ics/advisories/icsa-19-297-01

Impacted products

Name
Rittal Chiller SK 3232-Series

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-13549",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13549"
    }
  },
  "description": "Rittal Chiller SK 3232-Series\u662f\u5fb7\u56fd\u5a01\u56fe\uff08Rittal\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u6db2\u4f53\u51b7\u5374\u8bbe\u5907\u3002\n\nRittal Chiller SK 3232-Series\u4e2d\u7684Web\u63a5\u53e3\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u4e0d\u5f53\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u672a\u8fdb\u884c\u5145\u5206\u4fdd\u62a4\u6765\u963b\u6b62\u672a\u6388\u6743\u7684\u914d\u7f6e\u66f4\u6539\uff0c\u5728\u4f7f\u7528Carel pCOWeb\uff08A1.5.3\u7248\u672c\u81f3B1.2.4\u7248\u672c\u56fa\u4ef6\uff09\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4fee\u6539\u4e00\u4e9b\u57fa\u672c\u64cd\u4f5c\uff0c\u4f8b\u5982\u6253\u5f00\u6216\u5173\u95ed\u5236\u51b7\u8bbe\u5907\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.rittal.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-38069",
  "openTime": "2019-10-30",
  "products": {
    "product": "Rittal Chiller SK 3232-Series"
  },
  "referenceLink": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
  "serverity": "\u9ad8",
  "submitTime": "2019-10-24",
  "title": "Rittal Chiller SK 3232-Series\u8bbf\u95ee\u63a7\u5236\u4e0d\u5f53\u6f0f\u6d1e"
}

GSD-2019-13549

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-13549

Aliases

CVE-2019-13549

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-13549",
    "description": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.",
    "id": "GSD-2019-13549"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-13549"
      ],
      "details": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.",
      "id": "GSD-2019-13549",
      "modified": "2023-12-13T01:23:41.043117Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2019-13549",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Rittal Chiller SK 3232-Series",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
            "refsource": "MISC",
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
          },
          {
            "name": "20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:carel:pcoweb_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "b1.2.4",
                    "versionStartIncluding": "a1.5.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rittal:chiller_sk_3232:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2019-13549"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-306"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
            },
            {
              "name": "20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-02-10T21:50Z",
      "publishedDate": "2019-10-25T18:15Z"
    }
  }
}

VAR-201910-1187

Vulnerability from variot - Updated: 2023-12-18 13:28

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. Carel pCOWeb Firmware is vulnerable to a lack of authentication for critical functions.Information may be tampered with. Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1187",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pcoweb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "carel",
        "version": "a1.5.3"
      },
      {
        "model": "pcoweb",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "carel",
        "version": "b1.2.4"
      },
      {
        "model": "pcoweb card",
        "scope": null,
        "trust": 0.8,
        "vendor": "carel industries s p a",
        "version": null
      },
      {
        "model": "chiller sk 3232-series",
        "scope": null,
        "trust": 0.6,
        "vendor": "rittal",
        "version": null
      },
      {
        "model": "pcoweb",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "carel",
        "version": "b1.2.4"
      },
      {
        "model": "pcoweb",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "carel",
        "version": "a1.5.3"
      },
      {
        "model": "pcoweb",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "carel",
        "version": "a2.0.4"
      },
      {
        "model": "chiller sk 3232",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rittal",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pcoweb",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:carel:pcoweb_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "b1.2.4",
                    "versionStartIncluding": "a1.5.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rittal:chiller_sk_3232:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      }
    ]
  },
  "cve": "CVE-2019-13549",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-13549",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 9.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-38069",
            "impactScore": 9.2,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 9.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3",
            "impactScore": 9.2,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-13549",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-13549",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-38069",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201910-1481",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. Carel pCOWeb Firmware is vulnerable to a lack of authentication for critical functions.Information may be tampered with. Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-13549",
        "trust": 3.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-297-01",
        "trust": 3.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "B9B1ABA0-4836-4D8E-AA89-E14F250C31F3",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "id": "VAR-201910-1187",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      }
    ],
    "trust": 1.8
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:28:22.546000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "pCOWeb card",
        "trust": 0.8,
        "url": "https://www.carel.com/bms-building-management-system-na/-/journal_content/56_instance_i4q5kimlinkk/10191/55239"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-306",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
      },
      {
        "trust": 1.6,
        "url": "http://seclists.org/fulldisclosure/2019/oct/46"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13549"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13549"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-30T00:00:00",
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "date": "2019-10-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "date": "2019-11-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "date": "2019-10-25T18:15:10.880000",
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "date": "2019-10-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      },
      {
        "date": "2019-11-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-011385"
      },
      {
        "date": "2020-02-10T21:50:16.310000",
        "db": "NVD",
        "id": "CVE-2019-13549"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rittal Chiller SK 3232-Series Improper access control vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-38069"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Access control error",
    "sources": [
      {
        "db": "IVD",
        "id": "b9b1aba0-4836-4d8e-aa89-e14f250c31f3"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-1481"
      }
    ],
    "trust": 0.8
  }
}

GHSA-73FC-M42Q-9FV3

Vulnerability from github – Published: 2022-05-24 16:59 – Updated: 2022-05-24 16:59

Details

Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 ? B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-13549"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-25T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 ? B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.",
  "id": "GHSA-73fc-m42q-9fv3",
  "modified": "2022-05-24T16:59:53Z",
  "published": "2022-05-24T16:59:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13549"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

ICSA-19-297-01

Vulnerability from csaf_cisa - Published: 2019-10-24 00:00 - Updated: 2019-10-24 00:00

Summary

Rittal Chiller SK 3232-Series

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could disrupt the primary operations of the affected component, shut down cooling to other equipment, and allow changes to the temperature set point.

Critical infrastructure sectors

Commercial Facilities, Communications, Critical Manufacturing, Energy, Information Technology

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Applied Risk",
        "summary": "reporting these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could disrupt the primary operations of the affected component, shut down cooling to other equipment, and allow changes to the temperature set point.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Communications, Critical Manufacturing, Energy, Information Technology",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-297-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-297-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-297-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-297-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Rittal Chiller SK 3232-Series",
    "tracking": {
      "current_release_date": "2019-10-24T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-297-01",
      "initial_release_date": "2019-10-24T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-10-24T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-297-01 Rittal Chiller SK 3232-Series"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= A1.5.3 | \u003c= B1.2.4",
                "product": {
                  "name": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb: firmware A1.5.3 - B1.2.4",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb"
          }
        ],
        "category": "vendor",
        "name": "Rittal"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-13549",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication.CVE-2019-13549 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13549"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For information on mitigating these vulnerabilities contact Rittal Support by email at: info@rittal.de",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "mailto:info@rittal.de"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-13553",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point.CVE-2019-13553 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13553"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For information on mitigating these vulnerabilities contact Rittal Support by email at: info@rittal.de",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "mailto:info@rittal.de"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

FKIE_CVE-2019-13549

Vulnerability from fkie_nvd - Published: 2019-10-25 18:15 - Updated: 2024-11-21 04:25

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://seclists.org/fulldisclosure/2019/Oct/46
ics-cert@hq.dhs.gov	https://www.us-cert.gov/ics/advisories/icsa-19-297-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Oct/46
af854a3a-2127-422b-91ae-364da2661108	https://www.us-cert.gov/ics/advisories/icsa-19-297-01	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	carel	pcoweb_firmware	*
	rittal	chiller_sk_3232	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:carel:pcoweb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B4C31-67E0-488A-9297-B8E8E158DC3E",
              "versionEndIncluding": "b1.2.4",
              "versionStartIncluding": "a1.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rittal:chiller_sk_3232:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FAC3FD5-429B-48BF-B519-47CAD3E718C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
    },
    {
      "lang": "es",
      "value": "El Interfaz web Rittal Chiller SK 3232-Series seg\u00fan el firmware Carel pCOWeb A1.5.3 - B1.2.4. El mecanismo de autenticaci\u00f3n en los sistemas afectados no proporciona un nivel suficiente de protecci\u00f3n contra cambios de configuraci\u00f3n no autorizados. Las operaciones primarias, a saber, encender y apagar la unidad de enfriamiento y establecer el punto de ajuste de temperatura, se pueden modificar sin autenticaci\u00f3n."
    }
  ],
  "id": "CVE-2019-13549",
  "lastModified": "2024-11-21T04:25:07.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-25T18:15:10.880",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2019/Oct/46"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-13549 (GCVE-0-2019-13549)

CNVD-2019-38069

GSD-2019-13549

VAR-201910-1187

GHSA-73FC-M42Q-9FV3

ICSA-19-297-01

FKIE_CVE-2019-13549

Tags

Sightings

Nomenclature