ICSA-23-234-03 (CISA ICS-CERT advisory), published 2023-08-22
Rockwell Automation ThinManager ThinServer
CVSS 9.8 (Critical)
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to remotely delete arbitrary files with system privileges.
CVEs (3)
Remediations
Rockwell Automation recommends customers apply the following mitigations:
- ThinManager ThinServer versions 11.0.0-11.0.6: update to 11.0.7
- ThinManager ThinServer versions 11.1.0-11.1.6: update to 11.1.7
- ThinManager ThinServer versions 11.2.0-11.2.6: update to 11.2.8
- ThinManager ThinServer versions 12.1.0-12.1.6: update to 12.1.7
- ThinManager ThinServer versions 12.0.0-12.0.5: update to 12.0.6
- ThinManager ThinServer versions 13.0.0-13.0.2: update to 13.0.3
- ThinManager ThinServer version 13.1.0: update to 13.1.1
Customers using the affected software are encouraged to apply mitigations, if possible. Additionally, Rockwell Automation encourages customers to implement suggested security best practices to minimize the risk of vulnerability:
- Update to the corrected software versions.
- Limit remote access for TCP port 2031 to known thin clients and ThinManager servers.
For more information, see Rockwell Automation's Security Advisory and Security Best Practices.
Affected Vendors
Rockwell Automation
Affected Products (7)
- Rockwell Automation ThinManager ThinServer, versions 11.0.0 through 11.0.6
- Rockwell Automation ThinManager ThinServer, versions 11.1.0 through 11.1.6
- Rockwell Automation ThinManager ThinServer, versions 11.2.0 through 11.2.6
- Rockwell Automation ThinManager ThinServer, versions 12.1.0 through 12.1.6
- Rockwell Automation ThinManager ThinServer, versions 12.0.0 through 12.0.5
- Rockwell Automation ThinManager ThinServer, versions 13.0.0 through 13.0.2
- Rockwell Automation ThinManager ThinServer, version 13.1.0
Affected Sectors
Critical Manufacturing