41 matches found
EUVD-2018-11302
Malware in sbrugna...
EUVD-2018-11303
Malware in sbrugna...
EUVD-2023-33598
Malicious code in bioql PyPI...
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause a service failure...
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 device, caused by buffer overflows, allows a hacker to trigger a maintenance failure.
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 device for monitoring and controlling electrical networks allows a perpetrator to gain full access to the device.
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 monitoring and control device lies in the ability to create a privileged user bypassing the authentication mechanism. Exploiting this vulnerability could allow an intruder to gain full access to the...
Rockwell Automation PowerMonitor 1000 Unprotected Alternate Channel (CVE-2024-12371)
A device takeover vulnerability exists in the affected product. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and performing factory reset...
CVE-2024-12373
CVE-2024-12373 affects Rockwell Automation PowerMonitor 1000. The connected materials confirm a denial-of-service vulnerability caused by a buffer overflow in the device, exploitable over the network with no user interaction required. Public sources (ICS advisory ICSA-24-352-03) detail risk: pote...
CVE-2024-12373 Rockwell Automation PowerMonitor™ 1000 Denial of Service
A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service...
CVE-2024-12372 Rockwell Automation PowerMonitor™ 1000 Denial of Service
A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a...
CVE-2024-12372
CVE-2024-12372 affects Rockwell Automation PowerMonitor 1000. The issue enables denial-of-service and potentially remote code execution via heap memory corruption, exploitable over the network through the device API that allows unauthenticated policy changes (admin creation, factory resets). Seve...
CVE-2024-12371
CVE-2024-12371 affects Rockwell Automation Power Monitor 1000. Vulnerability: API allows unauthenticated creation of a Policyholder user with high privileges (edit operations, admin creation, factory reset). Reported impact includes device takeover and potential for remote code execution/DoS via ...
PT-2024-10278
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Power Monitor 1000 affected versions not specified Description: A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer overflow, potentially causing...
The vulnerability of the Rockwell Automation PowerMonitor 1000 monitor regarding electrical load distribution, due to deficiencies in user input data validation, allows a intruder to execute arbitrary code.
The vulnerability of the Rockwell Automation PowerMonitor 1000 monitor regarding electrical load distribution is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Rockwell Automation PowerMonitor 1000 Cross Site Scripting Vulnerability
Rockwell Automation PowerMonitor 1000 is a power monitoring device from Rockwell Automation. The Rockwell Automation PowerMonitor 1000 suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an...
Rockwell Automation PowerMonitor 1000
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerMonitor 1000 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code...
Cross site scripting
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...
CVE-2023-2072 Rockwell Automation PowerMonitor 1000 Cross-Site Scripting Vulnerability
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...
CVE-2023-2072
CVE-2023-2072 affects Rockwell Automation PowerMonitor 1000. Stored cross-site scripting in the product’s web pages allows code injection by an unauthenticated attacker to impact an authenticated user, potentially enabling remote code execution and compromising confidentiality, integrity, and ava...
CVE-2023-2072 Rockwell Automation PowerMonitor 1000 Cross-Site Scripting Vulnerability
The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product. The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on an authenticated...