CVE-2020-11955
HIGHRittal CMCIII-PU-9333E0FB < 3.15.70 and PDU-3C002DEC < 5.15.70 - Insecure Default Permissions
Title source: llmDescription
An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMCIII-PU-9333E0FB through 3.15.70 devices. There are insecure permissions.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-multiple-rittal-products-based-on-same-software/
Scores
CVSS v3
8.8
EPSS
0.0131
EPSS Percentile
67.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (5)
rittal/cmc_iii_pu_7030.000_firmware
< 3.15.70_4
rittal/cmciii-pu-9333e0fb_firmware
< 3.15.70
rittal/iot_interface_3124.300
< 6.17.00
rittal/lcp-cw_firmware
< 3.15.70_4
rittal/pdu-3c002dec_firmware
< 5.15.70
Published
Jul 14, 2020
Tracked Since
Feb 18, 2026