← Back to home
ICSA-25-252-01  ·  Published 2025-09-09  ·  View on CISA ICS-CERT ↗

Rockwell Automation ThinManager

CVSS 7.2 HIGH

Risk Summary

Successful exploitation of this vulnerability could expose the ThinServer service account NTLM hash.

CVEs (1)

Remediations

  • Rockwell Automation corrected the issue in version 14.1 and recommends users upgrade to this version or newer. Users of the affected software who are not able to upgrade to one of the corrected versions should follow Rockwell Automation's security best practices.
  • Users can also reference the following article from Microsoft to block NTLM connections on SMB in Windows Server 2025.
  • For more information about these issues, refer to the Rockwell Automation security advisory.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · ThinManager >=13.0|<=14.0

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more