CVE-2024-47943

CRITICAL

Rittal IoT Interface & CMC III Processing Unit - Code Injection

Title source: llm

Description

The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the firmware and is freely available for download. This allows crafting malicious "signed" .patch files in order to compromise the device and execute arbitrary code.

References (3)

[Various Sources] https://r.sec-consult.com/rittaliot

[Various Sources] https://www.rittal.com/de-de/products/deep/3124300

[Mailing List] http://seclists.org/fulldisclosure/2024/Oct/4

Scores

CVSS v3 9.8

EPSS 0.0021

EPSS Percentile 43.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-347

Status published

Products (1)

RITTAL GmbH & Co. KG/IoT Interface & CMC III Processing Unit <6.21.00.2

Published Oct 15, 2024

Tracked Since Feb 18, 2026