Rockwell Automation ThinManager Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Rockwell Automation ThinManager versions through 14.0.1. The issue arises because the software does not properly validate the results of memory allocation when handling Type 18 messages. This flaw can be exploited to disrupt the normal operation of the software, causing a denial-of-service condition.
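The class of check described above, in its corrected form. This is an added example, not Rockwell Automation's code and not part of the original advisory. The message layout, the size cap, and every function and constant name in it are assumptions made for illustration. The handler bounds the declared length before allocating and returns an error when the allocator fails. The failing allocator is injected to exercise that path.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed layout (constructed, not ThinManager's wire format):
 * byte 0 = type, bytes 1-4 = big-endian payload length, then the payload. */
#define MSG_TYPE_18 18u
#define MAX_PAYLOAD (64u * 1024u) /* assumed cap for this example */

enum msg_status { MSG_OK = 0, MSG_MALFORMED = -1, MSG_TOO_LARGE = -2, MSG_NO_MEMORY = -3 };
typedef void *(*alloc_fn)(size_t); /* injectable so allocation failure can be simulated */

/* Copy the payload of a type 18 message into a new buffer returned via *out. */
static int handle_type18(const uint8_t *msg, size_t msg_len, alloc_fn alloc,
                         uint8_t **out, size_t *out_len)
{
    *out = NULL;
    *out_len = 0;
    if (msg == NULL || msg_len < 5 || msg[0] != MSG_TYPE_18)
        return MSG_MALFORMED;
    uint32_t len = ((uint32_t)msg[1] << 24) | ((uint32_t)msg[2] << 16) |
                   ((uint32_t)msg[3] << 8) | (uint32_t)msg[4];
    if (len > MAX_PAYLOAD)
        return MSG_TOO_LARGE;   /* reject before allocating anything */
    if (len > msg_len - 5)
        return MSG_MALFORMED;   /* declared length exceeds the bytes received */
    uint8_t *buf = alloc(len ? len : 1);
    if (buf == NULL)
        return MSG_NO_MEMORY;   /* the allocation result is validated before use */
    memcpy(buf, msg + 5, len);
    *out = buf;
    *out_len = len;
    return MSG_OK;
}

/* Allocator that always fails, standing in for memory exhaustion. */
static void *failing_alloc(size_t n) { (void)n; return NULL; }

int main(void)
{
    const uint8_t msg[] = {18, 0, 0, 0, 3, 'a', 'b', 'c'}; /* constructed sample */
    uint8_t *out; size_t n;
    printf("normal: %d\n", handle_type18(msg, sizeof msg, malloc, &out, &n));
    free(out);
    printf("alloc fails: %d\n", handle_type18(msg, sizeof msg, failing_alloc, &out, &n));
    return 0;
}
```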

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the target software to become unresponsive or unavailable.

Remediation

Users are advised to update to ThinManager version 14.0.2 or later. For versions 11.2.11, 12.0.9, 12.1.10, 13.0.7, and 13.1.5, consult the Rockwell Automation Trust Center for guidance on applying security best practices to minimize vulnerability risks.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 7.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.