CVE-2024-10386

Summary

CVE-2024-10386 IMPACT

An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationFactoryTalk ThinManager11.2.0-11.2.9affected
Rockwell AutomationFactoryTalk ThinManager12.0.0-12.0.7affected
Rockwell AutomationFactoryTalk ThinManager12.1.0-12.1.8affected
Rockwell AutomationFactoryTalk ThinManager13.0.0-13.0.5affected
Rockwell AutomationFactoryTalk ThinManager13.1.0-13.1.3affected
Rockwell AutomationFactoryTalk ThinManager13.2.0-13.2.2affected
Rockwell AutomationFactoryTalk ThinManager14.0.0affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

Workarounds

·         If able, navigate to the ThinManager® download site https://thinmanager.com/downloads/ and upgrade to a corrected version of ThinManager®

·         Implement network hardening for ThinManager® Device(s) by limiting communications to TCP 2031 to only the devices that need connection to the ThinManager®

·         For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References