Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)


Vulnerabilities in Carlo Gavazzi Energy Monitoring Products
Severity Rating: High
System Affected:  

·         VMU-C EM prior to firmware version A11_U05, and VMU-C PV prior to firmware version A17


Multiple vulnerabilities have been identified in Carlo Gavazzi Energy Monitoring Products and can allow a remote attacker to gain access to the sensitive information, perform certain administrative actions and gain unauthorized access to the affected application.

The vulnerabilities reported are as follows

·         Unauthorized  Access vulnerability

·         Cross-site request forgery vulnerability

·         Information-disclosure vulnerability

On successful exploitation of these vulnerabilities an attacker would be able to execute configuration parameter changes and saving modified configuration.
Users are advised to apply updates.
More information is available on:
Vendor Information
Carlo Gavazzi

CVE Information


Security Week

Security Focus

Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis