CVE-2024-7987

Published: Aug 26, 2024Modified: Oct 21, 2025

8.5

Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: PSIRT@rockwellautomation.com (Secondary)

Description

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files.

Affected (7)

Products: Rockwellautomation: Thinmanager Thinserver

Rockwellautomation

1 product

Thinmanager Thinserver

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Rockwellautomation Thinmanager Thinserver	From 11.1.0 to 11.1.8
Rockwellautomation Thinmanager Thinserver	From 11.2.0 to 11.2.9
Rockwellautomation Thinmanager Thinserver	From 12.0.0 to 12.0.7
Rockwellautomation Thinmanager Thinserver	From 12.1.0 to 12.1.8
Rockwellautomation Thinmanager Thinserver	From 13.0.0 to 13.0.5
Rockwellautomation Thinmanager Thinserver	From 13.1.0 to 13.1.3
Rockwellautomation Thinmanager Thinserver	From 13.2.0 to 13.2.2

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (1)

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html

Source: PSIRT@rockwellautomation.com

Vendor Advisory

Timeline

No history available yet.