CVE-2024-10387 IMPACT: Denial-of-Service Vulnerability
CVE-2024-10387

7.5HIGH

Key Information:

Vendor: Rockwell Automation
Status: Factorytalk Thinmanager
Vendor: CVE Published:; 25 October 2024

Summary

A Denial-of-Service vulnerability exists in the products of Rockwell Automation, allowing attackers with network access to send specially crafted messages. This could potentially disrupt the service, leading to operational downtime and loss of availability. Organizations using affected Rockwell Automation products should remain vigilant to ensure robust cybersecurity measures are in place to mitigate potential risks associated with this vulnerability.

Affected Version(s)

FactoryTalk ThinManager 11.2.0-11.2.9

FactoryTalk ThinManager 12.0.0-12.0.7

FactoryTalk ThinManager 12.1.0-12.1.8

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2024
Vulnerability Reserved
Oct 25, 2024

Credit

Tenable Network Security