Описание
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
Ссылки
- Permissions RequiredVendor Advisory
- Permissions RequiredVendor Advisory
Уязвимые конфигурации
EPSS
8.1 High
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
Уязвимость компонента ThinServer платформы для централизованного управления приложениямия Rockwell Automation ThinManager, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
8.1 High
CVSS3
9.8 Critical
CVSS3