1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Rockwell Automation
- Equipment: ThinManager ThinServer
- Vulnerabilities: Improper Privilege Management, Incorrect Permission Assignment for Critical Resource, Improper Input Validation
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to read arbitrary files and execute arbitrary code with system privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation ThinManager ThinServer, client management software, are affected:
- ThinManager ThinServer: Versions 11.1.0 to 11.1.7
- ThinManager ThinServer: Versions 11.2.0 to 11.2.8
- ThinManager ThinServer: Versions 12.0.0 to 12.0.6
- ThinManager ThinServer: Versions 12.1.0 to 12.1.7
- ThinManager ThinServer: Versions 13.0.0 to 13.0.4
- ThinManager ThinServer: Versions 13.1.0 to 13.1.2
- ThinManager ThinServer: Versions 13.2.0 to 13.2.1
3.2 Vulnerability Overview
3.2.1 Improper Privilege Management CWE-269
A vulnerability exists in the affected products that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer service to read arbitrary files by creating a junction that points to the target directory.
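The weakness described above is that a junction (or symlink) placed inside a directory the service reads from is followed when the service runs with its own high privileges, so the read ends up outside the intended tree. A defensive check an administrator can run on the host is to enumerate every link-like entry under the directory the service handles and flag those whose resolved target lies outside it. The script below is an added example written for this page; it is not Rockwell Automation or ThinManager code, and the directory to scan (here a constructed temporary layout built by `build_demo_fixture`) is an assumption the operator replaces with the real service directory. On Windows it relies on `os.lstat().st_file_attributes` and the reparse-point attribute to catch junctions, and on `os.path.realpath` (Python 3.8+) to resolve them; on POSIX the same code detects symlinks.

```python
"""Scan a service-managed directory for junctions/symlinks whose target resolves
outside that directory. Added example for this advisory page; not vendor code."""
import os
import stat
import tempfile

# Windows reparse-point attribute (junctions, symlinks). The constant exists in the
# stat module on every platform; st_file_attributes is only populated on Windows.
REPARSE = getattr(stat, "FILE_ATTRIBUTE_REPARSE_POINT", 0x400)


def is_link_like(path):
    """True for POSIX symlinks and for Windows reparse points (junctions included)."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return True
    attrs = getattr(st, "st_file_attributes", 0)
    return bool(attrs & REPARSE)


def find_escaping_links(root):
    """Walk `root` without following links and report each link-like entry,
    together with whether its resolved target is outside `root`."""
    root_real = os.path.realpath(root)
    findings = []
    stack = [root]
    while stack:
        current = stack.pop()
        with os.scandir(current) as entries:
            for entry in entries:
                if is_link_like(entry.path):
                    # realpath resolves symlinks on all platforms and junctions on Windows.
                    target = os.path.realpath(entry.path)
                    try:
                        escapes = os.path.commonpath([root_real, target]) != root_real
                    except ValueError:
                        # Different drive letter on Windows: cannot be inside root.
                        escapes = True
                    findings.append({"path": entry.path, "name": entry.name,
                                     "target": target, "escapes_root": escapes})
                elif entry.is_dir(follow_symlinks=False):
                    # Only real directories are descended into; links never are.
                    stack.append(entry.path)
    return findings


def build_demo_fixture():
    """Constructed sample layout (an assumption, not a ThinManager path):
    data/ holds a regular file, a link that stays inside data/, and a link
    that escapes to a sibling directory. Creating symlinks on Windows may need
    the SeCreateSymbolicLink privilege or Developer Mode."""
    base = tempfile.mkdtemp(prefix="linkscan_")
    data = os.path.join(base, "data")
    os.mkdir(data)
    with open(os.path.join(data, "config.ini"), "w") as fh:
        fh.write("constructed sample\n")
    os.symlink(os.path.join(data, "config.ini"), os.path.join(data, "inside_link"))
    outside = os.path.join(base, "secrets")
    os.mkdir(outside)
    os.symlink(outside, os.path.join(data, "escape"))
    return data


def scan_demo():
    """Run the scan over the constructed fixture; returns {entry name: escapes_root}."""
    data = build_demo_fixture()
    return {f["name"]: f["escapes_root"] for f in find_escaping_links(data)}


if __name__ == "__main__":
    for finding in find_escaping_links(build_demo_fixture()):
        flag = "ESCAPES" if finding["escapes_root"] else "ok"
        print(f"{flag:8} {finding['path']} -> {finding['target']}")
```

Entries reported with `escapes_root` set are the ones worth investigating: a junction inside a service-managed tree that resolves to a system directory has no legitimate reason to exist there. Running the scan on a schedule, or as part of a file-integrity baseline, gives a detection that works on the unpatched versions listed above as well as after the update.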
CVE-2024-7986 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
A CVSS v4 score has also been calculated for CVE-2024-7986. A base score
[…]