Rockwellautomation: >> Thinmanager >> 13.0.6 Security Vulnerabilities
A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-09-09
A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-04-15