cbcvebase.
CVE-2018-19616
published 2018-12-26


Priority: P2 · 68 · high
CVSS 3.0: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Exploit: available
EPSS: 30.29% (98.0th percentile)
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element.
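The flaw described above is a missing server-side authorization check, not a flaw in the button. The following is an added example written for this page, not code from the PowerMonitor 1000 firmware: a hypothetical request handler that models the vulnerable pattern (the admin form is rendered with the button disabled for non-admins, but the POST is processed for anyone) next to a hardened handler that checks the session before acting. The paths, field names and session model are assumptions.

```python
"""Added example (hypothetical handler, not PowerMonitor firmware code):
why a client-side `disabled` attribute is not access control.

The 'vulnerable' variant only hides the button for non-admins; the
'hardened' variant authorizes the request on the server before acting.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Request:
    method: str
    path: str
    role: Optional[str]                 # None = unauthenticated session
    form: dict = field(default_factory=dict)


@dataclass
class Response:
    status: int
    body: str


def render_admin_page(role):
    """Page as a vulnerable device might build it: the only 'control' is
    the disabled attribute on the button (assumed markup)."""
    disabled = "" if role == "admin" else " disabled"
    return (
        '<form method="post" action="/admin/users">'
        '<input name="user"><input name="pw" type="password">'
        f'<button{disabled}>Add administrator</button></form>'
    )


def vulnerable_handle(req, users):
    """Processes the POST without consulting the session at all; the
    browser never sends it because the button is disabled, but nothing
    stops a hand-crafted request."""
    if req.method == "POST" and req.path == "/admin/users":
        users[req.form["user"]] = req.form["pw"]
        return Response(200, "added")
    return Response(200, render_admin_page(req.role))


def hardened_handle(req, users):
    """Same endpoint; authorization is enforced server-side on every
    state-changing request, independent of what the page showed."""
    if req.method == "POST" and req.path == "/admin/users":
        if req.role is None:
            return Response(401, "authentication required")
        if req.role != "admin":
            return Response(403, "forbidden")
        users[req.form["user"]] = req.form["pw"]
        return Response(200, "added")
    return Response(200, render_admin_page(req.role))


def forged_request():
    """What an attacker sends: the POST the disabled button would have
    issued, crafted directly (e.g. with curl) with no session."""
    return Request("POST", "/admin/users", None,
                   {"user": "backdoor", "pw": "hunter2"})


def demo():
    """Returns (vuln status, admin added?, hardened status, admin added?)."""
    users_vuln, users_hard = {}, {}
    r1 = vulnerable_handle(forged_request(), users_vuln)
    r2 = hardened_handle(forged_request(), users_hard)
    return r1.status, "backdoor" in users_vuln, r2.status, "backdoor" in users_hard


if __name__ == "__main__":
    print(demo())   # (200, True, 401, False)
```

The point the assertion makes is that the HTML the unauthenticated user receives is identical in both variants; the difference is entirely in what the server does when the request arrives without a valid session.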

Affected

1 range
Vendor: rockwellautomation
Product: powermonitor_1000_firmware
Version range: not listed
Fixed in: not listed

Detection & IOCs (extracted from sources)

  • Monitor for unauthenticated HTTP requests to administrative functions (add/edit/remove user, security configuration) on the PowerMonitor 1000 web interface; these should never originate from unauthenticated sessions.
  • Check Point IPS rules are available to detect exploitation attempts against the related CVE-2018-19615 XSS vulnerability on the same device; deploy these rules for broader coverage of the attack surface.
  • Disabling the FTP port and web interface access via the LCD configuration menu or configuration options can serve as a temporary mitigation to reduce attack surface while patching.
  • All versions of PowerMonitor 1000 are affected; the vendor patch is FRN 4.019. Devices running firmware prior to this version remain fully vulnerable to unauthenticated administrative access.
  • The device version confirmed in exploit testing is '1408-EM3A-ENT B'; detections should target this hardware/firmware line.
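The first bullet above is the one that can be turned into a rule. The following is an added example, not a vendor-supplied detection: it runs over constructed web server or proxy log lines (Common Log Format plus a trailing quoted Cookie column) and flags requests to administrative paths that carry no session cookie. The log format, the admin path list and the cookie name are assumptions for the demo; substitute what your proxy or the device actually emits.

```python
"""Added example (constructed log lines, not a vendor rule): flag HTTP
requests to PowerMonitor 1000 administrative functions that arrive
without a session identifier.

Assumptions: CLF-style lines with a trailing quoted Cookie field, the
admin path prefixes below, and a cookie named 'sessionid'.
"""
import re
from urllib.parse import unquote

# Assumed admin endpoints; replace with the paths observed in captures.
ADMIN_PATHS = ("/admin/users", "/admin/security", "/admin/config")
SESSION_COOKIE = "sessionid"            # assumed cookie name

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) \S+ "(?P<cookie>[^"]*)"$'
)


def is_admin_function(path):
    """True if the decoded path (query string stripped) is an admin endpoint."""
    base = unquote(path).split("?", 1)[0]
    return any(base.startswith(p) for p in ADMIN_PATHS)


def has_session(cookie_field):
    """True if the Cookie header carried the session cookie."""
    return f"{SESSION_COOKIE}=" in cookie_field


def flag_unauthenticated_admin(lines):
    """Return (src, method, path, status) for every admin-function request
    made without a session. A 2xx status on such a request means the
    device accepted it, which is the strongest indicator of exploitation."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                    # skip lines that are not in the assumed format
        if is_admin_function(m["path"]) and not has_session(m["cookie"]):
            hits.append((m["src"], m["method"], m["path"], m["status"]))
    return hits


# Constructed sample log: one authenticated operator (10.0.0.7) and one
# unauthenticated host (10.0.0.9) posting directly to admin functions.
SAMPLE_LOG = """\
10.0.0.7 - - [26/Dec/2018:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-"
10.0.0.7 - - [26/Dec/2018:10:01:05 +0000] "GET /admin/users HTTP/1.1" 200 2048 "sessionid=abc123"
10.0.0.9 - - [26/Dec/2018:10:02:17 +0000] "POST /admin/users HTTP/1.1" 200 88 "-"
10.0.0.9 - - [26/Dec/2018:10:02:20 +0000] "POST /admin/security?x=1 HTTP/1.1" 200 61 "-"
10.0.0.7 - - [26/Dec/2018:10:03:00 +0000] "POST /admin/users HTTP/1.1" 200 88 "sessionid=abc123"
"""


if __name__ == "__main__":
    for hit in flag_unauthenticated_admin(SAMPLE_LOG.splitlines()):
        print("ALERT unauthenticated admin request:", hit)
```

Because the vulnerable firmware does not reject these requests, the device's own responses will not distinguish an attack from legitimate use; the signal has to come from the absence of a session on the request side, so place the collection point (proxy, span port, or device log export) where request headers are visible.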

CVSS provenance

NVD v3.0: 8.1 HIGH, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 6.8 MEDIUM, AV:N/AC:M/Au:N/C:P/I:P/A:P