← Back to home
ICSA-23-131-15  ·  Published 2023-05-11  ·  View on CISA ICS-CERT ↗

Rockwell Automation ThinManager

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to decrypt traffic sent between the client and server application programming interface (API), resulting in unauthorized access to information.

CVEs (1)

Remediations

  • Users of the affected software are encouraged to apply risk mitigations when possible and implement Rockwell Automation�s suggested security best practices to minimize risk of vulnerability exploitation.
  • Upgrade to v13.0.2.
  • Do not use 3DES encryption algorithm.
  • Reference Recommended Security Guidelines from Rockwell Automation.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · ThinManager 13.0 | < 13.0.1

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more