CVE-2024-47944— Missing Protection Mechanism for Alternate Hardware Interface

EPSS 0.14% · P34 Updated Nov 04, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-47944

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Missing Protection Mechanism for Alternate Hardware Interface

Source: NVD (National Vulnerability Database)

Vulnerability Description

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-1299

Source: NVD (National Vulnerability Database)

Vulnerability Title

Rittal IoT Interface & CMC III Processing Unit 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Rittal IoT Interface & CMC III Processing Unit是德国Rittal公司的一个用于监控物理环境条件的传感器智能联网的关键组件。 Rittal IoT Interface & CMC III Processing Unit 6.21.00.2之前版本存在安全漏洞，该漏洞源于设备直接在USB上执行 .patch 固件升级文件，而无需在管理界面中进行任何事先身份验证，导致通过固件升级功能执行未经身份验证的代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
RITTAL GmbH & Co. KG	IoT Interface & CMC III Processing Unit	<6.21.00.2	-

II. Public POCs for CVE-2024-47944

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-47944

请登录查看更多情报信息。

Same Patch Batch · RITTAL GmbH & Co. KG · 2024-10-15 · 3 CVEs total

CVE-2024-47943		Improper signature verification of firmware upgrade files
CVE-2024-47945		Predictable Session ID

IV. Related Vulnerabilities

Same product: IoT Interface & CMC III Processing Unit

Same vendor: RITTAL GmbH & Co. KG

Same weakness: CWE-1299

V. Comments for CVE-2024-47944

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-47944— Missing Protection Mechanism for Alternate Hardware Interface

I. Basic Information for CVE-2024-47944

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-47944

III. Intelligence Information for CVE-2024-47944

Same Patch Batch · RITTAL GmbH & Co. KG · 2024-10-15 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-47944

Leave a comment