← Volver a CVEs
CVE-2024-7988
CRITICAL9.8
Descripcion
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado8/26/2024
Ultima modificacion10/21/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
rockwellautomation:thinmanager_thinserver
Debilidades (CWE)
CWE-20
Referencias
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html(PSIRT@rockwellautomation.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.