We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-10386

Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability



AssignerRockwell
Reserved2024-10-25
Published2024-10-25
Updated2024-10-25

Description

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.



CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

Default status
unaffected

11.2.0-11.2.9
affected

12.0.0-12.0.7
affected

12.1.0-12.1.8
affected

13.0.0-13.0.5
affected

13.1.0-13.1.3
affected

13.2.0-13.2.2
affected

14.0.0
affected

Credits

Tenable Network Security reporter

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html

cve.org CVE-2024-10386

nvd.nist.gov CVE-2024-10386

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.