CVE-2024-7988

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
	cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::

History

21 Oct 2025, 18:58

Type	Values Removed	Values Added
CPE		cpe:2.3:a:rockwellautomation:thinmanager_thinserver::::::::
First Time		Rockwellautomation thinmanager Thinserver Rockwellautomation
References	~~() https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html -~~	() https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html - Vendor Advisory

Information

Published : 2024-08-26 15:15

Updated : 2025-10-21 18:58

NVD link : CVE-2024-7988

Mitre link : CVE-2024-7988

CVE.ORG link : CVE-2024-7988

JSON object : View

Products Affected

rockwellautomation

thinmanager_thinserver

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2024-7988", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-08-26T15:15:09.140", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html", "tags": ["Vendor Advisory"], "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in the Rockwell Automation ThinManager\u00ae ThinServer\u2122 that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Rockwell Automation ThinManager\u00ae ThinServer\u2122 que permite a un actor de amenazas ejecutar c\u00f3digo arbitrario con privilegios de System. Esta vulnerabilidad existe debido a la falta de una validaci\u00f3n adecuada de la entrada de datos, lo que permite sobrescribir archivos."}], "lastModified": "2025-10-21T18:58:17.483", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F628C11D-148F-40E7-96D6-5AA4C6870E9E", "versionEndExcluding": "11.1.8", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4949C9C3-5978-425B-99F0-DA4FB74690C5", "versionEndExcluding": "11.2.9", "versionStartIncluding": "11.2.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2CD8E4-889B-48EA-9D06-B599DC3D6ACA", "versionEndExcluding": "12.0.7", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8C4E638-E1E6-4BE9-B498-4600CE6C1CD7", "versionEndExcluding": "12.1.8", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0797A814-6983-4686-B639-EDA1E2ADFBF0", "versionEndExcluding": "13.0.5", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7100E69-4C7E-4194-98A4-ECFE9C4356F0", "versionEndExcluding": "13.1.3", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C99672F3-B57F-40C1-9D02-79D906D47D9A", "versionEndExcluding": "13.2.2", "versionStartIncluding": "13.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}