PT-2024-8117 · Rockwell Automation · Rockwell Automation ThinManager ThinServer

Nicholas Zubrisky · Published 2024-04-24 · Updated 2024-08-26 · CVE-2024-7987

CVSS v4.0: 8.5 (High)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Rockwell Automation ThinManager ThinServer (affected versions not specified)
Description: A remote code execution issue exists in the Rockwell Automation ThinManager ThinServer, allowing a threat actor to execute arbitrary code with System privileges. This is achieved by abusing the ThinServer service, creating a junction, and uploading arbitrary files. The vulnerability is related to incorrect permission assignment for a critical resource, which can be exploited by a remote attacker to run arbitrary code.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unrestricted File Upload

Incorrect Permission

Weakness Enumeration

Related Identifiers

BDU:2024-09649
CVE-2024-7987
ZDI-24-1157

Affected Products

Rockwell Automation ThinManager ThinServer