CVE-2025-3618

Summary

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationThinManagerv14.0.1 and earlieraffected

Weaknesses

  • 119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References