CVE-2024-47943 Information

Description

The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the firmware and is freely available for download. This allows crafting malicious \signed\ .patch files in order to compromise the device and execute arbitrary code.

Reference

https://r.sec-consult.com/rittaliot https://www.rittal.com/de-de/products/deep/3124300