CVE-2023-2915
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2023-2915 is a newly identified vulnerability affecting the Rockwell Automation Thinmanager Thinserver. This issue stems from an improper input validation mechanism, leaving the software susceptible to a path traversal vulnerability. An unauthenticated attacker can exploit this flaw by sending a crafted synchronization protocol message, potentially triggering a denial-of-service condition or granting them the ability to delete arbitrary files with system privileges. This vulnerability poses a significant risk to the security of industrial networks using the Rockwell Automation Thinmanager Thinserver.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.