CVE-2024-12373 - Vulnerability Details - OpenCVE

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html

History

Wed, 18 Dec 2024 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 18 Dec 2024 15:45:00 +0000

Type	Values Removed	Values Added
Description		A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.
Title		Rockwell Automation PowerMonitor™ 1000 Denial of Service
References		https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-12-18T15:38:50.826Z

Updated: 2024-12-18T19:56:35.445Z

Reserved: 2024-12-09T17:50:55.398Z

Link: CVE-2024-12373

Vulnrichment

Updated: 2024-12-18T19:56:29.590Z

NVD

Status : Received

Published: 2024-12-18T16:15:11.163

Modified: 2024-12-18T20:15:22.280

Link: CVE-2024-12373

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12373", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-12-09T17:50:55.398Z", "datePublished": "2024-12-18T15:38:50.826Z", "dateUpdated": "2024-12-18T19:56:35.445Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PM1k 1408-BC3A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-BC3A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TS3A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TS3A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM3A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM3A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TR1A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TR2A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<v4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM1A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM2A-485", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TR1A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-TR2A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM1A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}, {"defaultStatus": "unaffected", "product": "PM1k 1408-EM2A-ENT", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<4.020"}]}], "datePublic": "2024-12-17T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.</span>\n\n</span>\n\n<br>"}], "value": "A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-12-18T15:38:50.826Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><tbody><tr><td><p>Affected Products</p></td><td><p>Affected firmware revision</p></td><td><p>Corrected in firmware revision</p></td></tr><tr><td><p>PM1k 1408-BC3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-BC3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TS3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TS3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR1A-485<b></b></p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR2A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM1A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM2A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR1A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR2A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM1A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM2A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr></tbody></table>\n\n<br>\n\n<p><b>Mitigations and Workarounds</b></p><p>Users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.   </p><p>\u00b7       <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>\n\n<br>"}], "value": "Affected Products\n\nAffected firmware revision\n\nCorrected in firmware revision\n\nPM1k 1408-BC3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-BC3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TS3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TS3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TR1A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TR2A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM1A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM2A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TR1A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TR2A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM1A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM2A-ENT\n\n<4.020\n\n4.020\n\n\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible. \u00a0 \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"}], "source": {"advisory": "SD1714", "discovery": "EXTERNAL"}, "title": "Rockwell Automation PowerMonitor\u2122 1000 Denial of Service", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-18T19:55:51.973126Z", "id": "CVE-2024-12373", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-18T19:56:35.445Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12373", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-18T19:55:51.973126Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-18T19:56:29.590Z"}}], "cna": {"title": "Rockwell Automation PowerMonitor\u2122 1000 Denial of Service", "source": {"advisory": "SD1714", "discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "PM1k 1408-BC3A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-BC3A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TS3A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TS3A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM3A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM3A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TR1A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TR2A-485", "versions": [{"status": "affected", "version": "<v4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM1A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM2A-485", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TR1A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-TR2A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM1A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "PM1k 1408-EM2A-ENT", "versions": [{"status": "affected", "version": "<4.020"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Affected Products\n\nAffected firmware revision\n\nCorrected in firmware revision\n\nPM1k 1408-BC3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-BC3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TS3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TS3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM3A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM3A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TR1A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TR2A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM1A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-EM2A-485\n\n<4.020\n\n4.020\n\nPM1k 1408-TR1A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-TR2A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM1A-ENT\n\n<4.020\n\n4.020\n\nPM1k 1408-EM2A-ENT\n\n<4.020\n\n4.020\n\n\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible. \u00a0 \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight", "supportingMedia": [{"type": "text/html", "value": "<table><tbody><tr><td><p>Affected Products</p></td><td><p>Affected firmware revision</p></td><td><p>Corrected in firmware revision</p></td></tr><tr><td><p>PM1k 1408-BC3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-BC3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TS3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TS3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM3A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM3A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR1A-485<b></b></p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR2A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM1A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM2A-485</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR1A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-TR2A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM1A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr><tr><td><p>PM1k 1408-EM2A-ENT</p></td><td><p><4.020</p></td><td><p>4.020</p></td></tr></tbody></table>\n\n<br>\n\n<p><b>Mitigations and Workarounds</b></p><p>Users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.   </p><p>\u00b7       <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>\n\n<br>", "base64": false}]}], "datePublic": "2024-12-17T14:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.</span>\n\n</span>\n\n<br>", "base64": false}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-12-18T15:38:50.826Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12373", "state": "PUBLISHED", "dateUpdated": "2024-12-18T19:56:35.445Z", "dateReserved": "2024-12-09T17:50:55.398Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-12-18T15:38:50.826Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service."}], "id": "CVE-2024-12373", "lastModified": "2024-12-18T20:15:22.280", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2024-12-18T16:15:11.163", "references": [{"source": "PSIRT@rockwellautomation.com", "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1714.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}