CVE-2024-12373

9.3

Critical

Published:18 Dec 2024

Last updated:17 Jun 2026

Source:PSIRT@rockwellautomation.com

Deferred

Weakness (CWE)

CWE-120Buffer Copy without Checking Size

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: None
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): None
Integrity (Subsequent): None
Availability (Subsequent): None

View on MITRE Find PoC on GitHub

Description

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.

References

PSIRT@rockwellautomation.com

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html