Security News > 2020 > July > Vulnerabilities Impact Multiple Rittal Products Due to Use of Same Firmware
Researchers have discovered several potentially serious vulnerabilities affecting monitoring, cooling and power distribution products made by Germany-based Rittal.
According to Austria-based cybersecurity company SEC Consult, Rittal's CMC III industrial and IT monitoring system, LCP CW cooling system, and the entire portfolio of power distribution units are impacted by six types of vulnerabilities.
The affected products all use the same base firmware.
Rittal products are also affected by a command injection vulnerability in the web interface, specifically the NTP server IP address settings.
The Rittal products have also been found to use outdated versions of third-party software, including OpenSSL and the Linux kernel, which can contain serious vulnerabilities.