ID

VAR-202412-2454


CVE

CVE-2024-12371


TITLE

Rockwell Automation Power Monitor 1000 Device Takeover Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2024-49514

DESCRIPTION

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user via the API without any authentication. The Policyholder user is the most privileged user and can perform edit operations, create admin users, and perform a factory reset. Rockwell Automation Power Monitor 1000 versions prior to 4.020 are affected: attackers can exploit the vulnerability to configure new Policyholder users through the API without any authentication.

Trust: 1.44

sources: NVD: CVE-2024-12371 // CNVD: CNVD-2024-49514

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-49514

AFFECTED PRODUCTS

vendor: rockwell, model: automation rockwell automation power monitor, scope: eq, version: 1000<4.020

Trust: 0.6

sources: CNVD: CNVD-2024-49514

CVSS

SEVERITY

CVSSV2

CVSSV3

PSIRT@rockwellautomation.com: CVE-2024-12371
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2024-49514
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-49514
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2024-49514 // NVD: CVE-2024-12371

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

sources: NVD: CVE-2024-12371

PATCH

title: Patch for Rockwell Automation Power Monitor 1000 Device Takeover Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/647351

Trust: 0.6

sources: CNVD: CNVD-2024-49514

EXTERNAL IDS

db: NVD, id: CVE-2024-12371

Trust: 1.6

db: CNVD, id: CNVD-2024-49514

Trust: 0.6

sources: CNVD: CNVD-2024-49514 // NVD: CVE-2024-12371

REFERENCES

url: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.sd1714.html

Trust: 1.6

sources: CNVD: CNVD-2024-49514 // NVD: CVE-2024-12371

SOURCES

db: CNVD, id: CNVD-2024-49514
db: NVD, id: CVE-2024-12371

LAST UPDATE DATE

2025-01-02T23:24:28.066000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2024-49514, date: 2024-12-27T00:00:00
db: NVD, id: CVE-2024-12371, date: 2024-12-18T20:15:21.193

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2024-49514, date: 2024-12-27T00:00:00
db: NVD, id: CVE-2024-12371, date: 2024-12-18T16:15:10.907