CVE-2024-12372 | THREATINT

Description

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a denial-of-service attack.

PUBLISHED Reserved 2024-12-09 | Published 2024-12-18 | Updated 2024-12-18 | Assigner Rockwell

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Product status

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

Default status

unaffected

<4.020

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1714.html

cve.org (CVE-2024-12372)

nvd.nist.gov (CVE-2024-12372)

Download JSON