// For flags

CVE-2022-38742

Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.

Rockwell Automation ThinManager ThinServer versiones 11.0.0 - 13.0.0, son vulnerables a un desbordamiento del búfer en la región heap de la memoria. Un atacante podría enviar una petición TFTP o HTTPS específicamente diseñada, causando un desbordamiento del búfer en la región heap de la memoria que bloquea el proceso de ThinServer. Si es explotado con éxito, esto podría exponer al servidor a una ejecución de código remota arbitrario.

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of HTTPS traffic. When parsing a URI, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the web service.

*Credits: rgod
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-08-24 CVE Reserved
  • 2022-09-23 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-19 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-122: Heap-based Buffer Overflow
  • CWE-787: Out-of-bounds Write
CAPEC
References (0)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rockwellautomation
Search vendor "Rockwellautomation"
 Thinmanager
Search vendor "Rockwellautomation" for product "Thinmanager"
 >= 11.0.0 <= 13.0.0
Search vendor "Rockwellautomation" for product "Thinmanager" and version " >= 11.0.0 <= 13.0.0"
-
Affected