CVE-2024-47945

Public Exploit

Predictable Session ID

Description

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions. This is not only due to the use of an (insecure) rand() function call but also because of missing initialization via srand(). As a result only the PIDs are effectively used as seed.

Remediation

Solution:

The vendor provides a patched version V6.21.00.2 which can be downloaded from the following URL: www.rittal.com/de-de/products/deep/3124300 https://www.rittal.com/de-de/products/deep/3124300

References

Link	Tags
https://r.sec-consult.com/rittaliot	third party advisory exploit
https://www.rittal.com/de-de/products/deep/3124300	product patch

Frequently Asked Questions

What is the severity of CVE-2024-47945?: CVE-2024-47945 has been scored as a critical severity vulnerability.
How to fix CVE-2024-47945?: To fix CVE-2024-47945: The vendor provides a patched version V6.21.00.2 which can be downloaded from the following URL: www.rittal.com/de-de/products/deep/3124300 https://www.rittal.com/de-de/products/deep/3124300
Is CVE-2024-47945 being actively exploited in the wild?: It is possible that CVE-2024-47945 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-47945?: CVE-2024-47945 affects RITTAL GmbH & Co. KG IoT Interface & CMC III Processing Unit.

Description

Remediation

Categories

CWE-340 – Generation of Predictable Numbers or Identifiers

CWE-331 – Insufficient Entropy

References

Frequently Asked Questions