June 25, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
CoinMiner Malware – Active IOCs
April 16, 2025
DarkCrystal RAT aka DCRat – Active IOCs
April 17, 2025
CoinMiner Malware – Active IOCs
April 16, 2025
DarkCrystal RAT aka DCRat – Active IOCs
April 17, 2025
Severity
High
Analysis Summary
CVE-2025-3618 CVSS:8.5
A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software.
CVE-2025-3617 CVSS:8.5
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the parent directory. If exploited, a threat actor could inherit elevated privileges.
Impact
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-3618
CVE-2025-3617
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation ThinManager 14.0.0
- Rockwell Automation ThinManager 14.0.1
Remediation
Refer to Rockwell Automation Security Advisory for patch, upgrade, or suggested workaround information.