Rockwell Automation PowerMonitor 1000 Unprotected Alternate Channel (CVE-2024-12371)
A device takeover vulnerability exists in the affected product. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and performing factory reset...