Vulnerability Details CVE-2024-7988
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.135
EPSS Ranking 93.9%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-7988
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:11.1.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:11.1.7
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:11.2.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:11.2.8
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:12.0.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:12.0.6
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:12.1.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:12.1.7
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.0.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.0.4
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.2
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.2.0
-
cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.2.1