PT-2024-4322 · Rockwell Automation · ThinManager

Published 2024-06-25 · Updated 2024-09-16 · CVE-2024-5989

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Rockwell Automation ThinManager ThinServer (affected versions not specified)

Description

The issue is caused by improper input validation in the ThinServer component of Rockwell Automation ThinManager. It allows an unauthenticated threat actor to send a malicious message that triggers SQL injection in the program, which can cause a remote code execution condition. The exploitation involves sending a specially crafted SQL query.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-04810
CVE-2024-5989

Affected Products

ThinManager