
Rockwell Automation has released patches for multiple vulnerabilities discovered in its ThinManager ThinServer software. These vulnerabilities pose significant risks to systems running affected versions of the software. Successful exploitation could lead to unauthorized access to sensitive data, system compromise, and disruption of critical industrial operations.
The advisory details three specific vulnerabilities:
- CVE-2024-7988, with a CVSS score of 9.8, leads to remote code execution with System privileges. It arises from improper validation of input data, which allows files to be overwritten.
- CVE-2024-7987, with a CVSS score of 7.8, allows remote code execution with System privileges. Attackers can exploit this by creating a junction and using it to upload arbitrary files.
- CVE-2024-7986, with a CVSS score of 5.5, enables threat actors to disclose sensitive information by abusing the ThinServer service to read arbitrary files.
The vulnerabilities affect a wide range of ThinManager ThinServer versions, spanning from 11.1.0 to 13.2.1. Rockwell Automation has released patches to address these issues and strongly urges users to update their ThinServer installations to the latest versions as soon as possible.
Organizations utilizing ThinManager ThinServer in their industrial environments should prioritize applying the available patches immediately.


