PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-12373 Rockwell Automation CVE debrief

A critical buffer overflow vulnerability in Rockwell Automation PowerMonitor 1000 series devices enables remote denial-of-service attacks. The vulnerability, published December 17, 2024, affects fourteen product variants running firmware versions prior to 4.020. Rockwell Automation has released corrected firmware and recommends immediate upgrade.

Vendor: Rockwell Automation
Product: PM1k 1408-BC3A-485
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-12-17
Original CVE updated: 2024-12-17
Advisory published: 2024-12-17
Advisory updated: 2024-12-17

Who should care

Organizations operating Rockwell Automation PowerMonitor 1000 series devices in industrial control system environments, particularly those with remote network accessibility to power monitoring equipment.

Technical summary

The vulnerability exists in the PowerMonitor 1000 series firmware and results in a buffer overflow condition that can cause a denial of service. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) indicates that the flaw is exploitable over the network with low attack complexity, requires no privileges or user interaction, and has high impact on confidentiality, integrity, and availability. All fourteen affected product variants share the same firmware version constraint (versions earlier than 4.020).

Defensive priority

critical

Recommended defensive actions

  • Upgrade affected PowerMonitor 1000 devices to firmware revision 4.020 or later
  • If immediate upgrade is not feasible, apply ICS security best practices including network segmentation and access controls
  • Monitor Rockwell Automation security advisory page for additional guidance
  • Review CISA ICS recommended practices for defense-in-depth strategies

Evidence notes

CVE description and remediation details sourced from CISA CSAF advisory ICSA-24-352-03. CVSS 9.8 (Critical) per source. Affected product list and firmware version constraints extracted from CSAF product tree. Vendor remediation guidance confirmed in source remediations section.

Official resources

2024-12-17