A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a denial-of-service attack.
History

Wed, 18 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 18 Dec 2024 15:45:00 +0000

Type Values Removed Values Added
Description A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a denial-of-service attack.
Title Rockwell Automation PowerMonitorâ„¢ 1000 Denial of Service
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-12-18T15:28:25.266Z

Updated: 2024-12-18T19:58:03.337Z

Reserved: 2024-12-09T17:50:51.305Z

Link: CVE-2024-12372

cve-icon Vulnrichment

Updated: 2024-12-18T19:57:58.869Z

cve-icon NVD

Status : Received

Published: 2024-12-18T16:15:11.050

Modified: 2024-12-18T20:15:22.167

Link: CVE-2024-12372

cve-icon Redhat

No data.