CVE-2024-45826

Summary

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationThinManager13.1.0-13.1.2affected
Rockwell AutomationThinManager13.2.0-13.2.1affected

Weaknesses

  • CWE-610: CWE-610 Externally Controlled Reference to a Resource in Another Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References