Vulnerability Description
The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions. This is not only due to the use of an (insecure) rand() function call but also because of missing initialization via srand(). As a result only the PIDs are effectively used as seed.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rittal | Iot Interface Firmware | < 6.21.00.2 |
| Rittal | Iot Interface | - |
| Rittal | Cmc Iii Processing Units Firmware | < 6.21.00.2 |
| Rittal | Cmc Iii Processing Units | - |
Related Weaknesses (CWE)
References
- https://r.sec-consult.com/rittaliotExploitThird Party Advisory
- https://www.rittal.com/de-de/products/deep/3124300Product
- http://seclists.org/fulldisclosure/2024/Oct/4
FAQ
What is CVE-2024-47945?
CVE-2024-47945 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which ...
How severe is CVE-2024-47945?
CVE-2024-47945 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-47945?
Check the references section above for vendor advisories and patch information. Affected products include: Rittal Iot Interface Firmware, Rittal Iot Interface, Rittal Cmc Iii Processing Units Firmware, Rittal Cmc Iii Processing Units.