Vulnerability Description
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Carel | Pcoweb Card Web | 2.2 |
| Carel | Pcoweb Card Bios | 6.27 |
| Carel | Pcoweb Card Boot | 5.00 |
Related Weaknesses (CWE)
References
- https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.mdThird Party Advisory
- https://medium.com/%40SergiuSechel/insecure-permissions-in-rehau-group-unlimited
- https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18329.mdThird Party Advisory
- https://medium.com/%40SergiuSechel/insecure-permissions-in-rehau-group-unlimited
FAQ
What is CVE-2020-18329?
CVE-2020-18329 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interfac...
How severe is CVE-2020-18329?
CVE-2020-18329 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-18329?
Check the references section above for vendor advisories and patch information. Affected products include: Carel Pcoweb Card Web, Carel Pcoweb Card Bios, Carel Pcoweb Card Boot.