CVE-2024-12373

Summary

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationPM1k 1408-BC3A-485<4.020affected
Rockwell AutomationPM1k 1408-BC3A-ENT<4.020affected
Rockwell AutomationPM1k 1408-TS3A-485<4.020affected
Rockwell AutomationPM1k 1408-TS3A-ENT<4.020affected
Rockwell AutomationPM1k 1408-EM3A-485<4.020affected
Rockwell AutomationPM1k 1408-EM3A-ENT<4.020affected
Rockwell AutomationPM1k 1408-TR1A-485<4.020affected
Rockwell AutomationPM1k 1408-TR2A-485<v4.020affected
Rockwell AutomationPM1k 1408-EM1A-485<4.020affected
Rockwell AutomationPM1k 1408-EM2A-485<4.020affected
Rockwell AutomationPM1k 1408-TR1A-ENT<4.020affected
Rockwell AutomationPM1k 1408-TR2A-ENT<4.020affected
Rockwell AutomationPM1k 1408-EM1A-ENT<4.020affected
Rockwell AutomationPM1k 1408-EM2A-ENT<4.020affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References