A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™
that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files.
Fixes

Solution

ffected Product First Known in software version Corrected in software version ThinManager® ThinServer™ 11.1.0-11.1.7 11.2.0-11.2.8 12.0.0-12.0.6 12.1.0-12.1.7 13.0.0-13.0.4 13.1.0-13.1.2 13.2.0-13.2.1 11.1.8 11.2.9 12.0.7 12.1.8 13.0.5 13.1.3 13.2.2 Mitigations and Workarounds Customers using the affected software are encouraged to implement our suggested security best practices to minimize the risk of vulnerability. ·       Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight


Workaround

No workaround given by the vendor.

History

Mon, 26 Aug 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Rockwellautomation
Rockwellautomation thinmanager Thinserver
Weaknesses CWE-434
CPEs cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*
Vendors & Products Rockwellautomation
Rockwellautomation thinmanager Thinserver
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 26 Aug 2024 15:00:00 +0000

Type Values Removed Values Added
Description A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files.
Title Rockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Rockwell

Published:

Updated: 2024-08-26T17:29:09.449Z

Reserved: 2024-08-19T20:06:26.723Z

Link: CVE-2024-7987

cve-icon Vulnrichment

Updated: 2024-08-26T17:28:58.329Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-26T15:15:09.047

Modified: 2024-08-26T18:35:13.553

Link: CVE-2024-7987

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.