Severity
High
Analysis Summary
CVE-2023-27857 CVSS:7.5
Rockwell Automation ThinManager is vulnerable to a denial of service, caused by a heap-based buffer over-read. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-27856 CVSS:7.5
Rockwell Automation ThinManager could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted type 8 message containing “dot dot” sequences (/../) to download arbitrary files from the system.
CVE-2023-27855 CVSS:9.8
Rockwell Automation ThinManager could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted message containing “dot dot” sequences (/../) to overwrite executable files and either invoke them remotely or wait for the system or user to call them to execute arbitrary code on the system.
Impact
- Denial of Service
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-48311
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation ThinManager 10
- Rockwell Automation ThinManager 11.0.0
- Rockwell Automation ThinManager 11.0.5
- Rockwell Automation ThinManager 11.1.0
- Rockwell Automation ThinManager 11.1.5
- Rockwell Automation ThinManager 11.2.0
- Rockwell Automation ThinManager 11.2.6
- Rockwell Automation ThinManager 12.0.0
- Rockwell Automation ThinManager 12.0.4
- Rockwell Automation ThinManager 12.1.0
- Rockwell Automation ThinManager 12.1.5
- Rockwell Automation ThinManager 13.0.0
- Rockwell Automation ThinManager 13.0.1
- Rockwell Automation ThinManager 6
Remediation
Upgrade to the latest version of ThinManager, available from the Rockwell Automation Web site.