CVE-2025-9065 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attack…

High CVSS: 8.6

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash.

Vendor

Rockwellautomation

Product

CWE

Yayın Tarihi

2025-09-09 13:15:32

Güncelleme

2025-10-20 19:17:27

Source Identifier

PSIRT@rockwellautomation.com

KEV Date Added

-

Kategoriler

CWE-610 Thinmanager HIGH Rockwellautomation 2025

Referanslar

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1743.html

Benzer Kayıtlar

High

CVE-2025-9466

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the…

High

CVE-2025-9465

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the…

High

CVE-2025-9464

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is tr…

High

CVE-2025-9283

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the…

High

CVE-2025-9282

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the…

High

CVE-2025-9281

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the…