Lucene search
K

6 matches found

NCSC
NCSC
added 2024/12/19 2:54 p.m.6 views

Vulnerabilities fixed in Rockwell Automation Power Monitor 1000

Rockwell Automation has fixed vulnerabilities in the Power Monitor 1000. The vulnerabilities are in the API of the Power Monitor 1000, which allows unauthorized users to configure new Policyholder users with high privileges. This allows attackers to edit existing users, create new administrators...

9.3CVSS7.8AI score0.00862EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.12 views

Rockwell Automation PowerMonitor 1000 Unprotected Alternate Channel (CVE-2024-12371)

A device takeover vulnerability exists in the affected product. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and performing factory reset...

9.3CVSS8.6AI score0.00539EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.6 views

Rockwell Automation Power Monitor 1000 安全漏洞

Rockwell Automation Power Monitor 1000 is a power monitor from Rockwell Automation. A security vulnerability exists in Rockwell Automation Power Monitor 1000 versions prior to 4.020, which can be exploited by an attacker to configure a new policyholder user without any authentication through the...

9.3CVSS6.9AI score0.00539EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.6 views

PT-2024-9677

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Power Monitor 1000 affected versions not specified Description: A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows the configuration of a new Policyholder user...

9.3CVSS9.3AI score0.00539EPSS
Exploits0References11
Code423n4
Code423n4
added 2023/06/14 12:0 a.m.7 views

createAction() ,castApproval(), castDisapproval() functions vulnerable replay attacks

Lines of code Vulnerability details Impact /// @notice Mapping of policyholders to function selectors to current nonces for EIP-712 signatures. /// @dev This is used to prevent replay attacks by incrementing the nonce for each operation createAction, /// castApproval and castDisapproval signed by...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/05 11:0 a.m.12 views

Software provider denied insurance payout after ransomware attack

The Supreme Court of Ohio issued a ruling days before the New Year that a software and service provider shouldn't be covered by insurance against a ransomware attack as it didn't cause direct or physical harm to tangible components of software, as it doesnt have any. "When insurance policy covers...

1.7AI score
Exploits0
Rows per page
Query Builder