Severity
High
Analysis Summary
CVE-2024-5989 CVSS:9.8
Rockwell Automation ThinManager ThinServer could allow a remote attacker to execute arbitrary code on the system, caused by an SQL injection vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-5988 CVSS:9.8
Rockwell Automation ThinManager ThinServer could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-5990 CVSS:7.5
Rockwell Automation ThinManager ThinServer is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-5659 CVSS:7.5
Rockwell Automation ControlLogix, GuardLogix, and CompactLogix are vulnerable to a denial of service, caused by an always-incorrect control flow implementation. By sending abnormal packets to the mDNS port, a remote attacker could exploit this vulnerability to cause a major nonrecoverable fault, leading to a denial of service.
Impact
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-5989
- CVE-2024-5988
- CVE-2024-5990
- CVE-2024-5659
Affected Vendors
Affected Products
- Rockwell Automation ThinManager ThinServer 13.1.0
- Rockwell Automation ThinManager ThinServer 11.1.0
- Rockwell Automation ThinManager ThinServer 11.2.0
- Rockwell Automation ThinManager ThinServer 12.0.0
- Rockwell Automation ThinManager ThinServer 12.1.0
- Rockwell Automation ThinManager ThinServer 13.0.0
- Rockwell Automation ControlLogix 5580 34.011
- Rockwell Automation GuardLogix 5580 34.011
- Rockwell Automation CompactLogix 5380 34.011
- Rockwell Automation Compact GuardLogix 5380 34.011
- Rockwell Automation CompactLogix 5480 34.011
Remediation
Refer to the Rockwell Automation Security Document for patch, upgrade, or suggested workaround information.