1. Home
  2. CVE Database
  3. CVE-2023-2914
HIGH · 7.5

CVE-2023-2914

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes ...

Vulnerability Description

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
RockwellautomationThinmanager Thinserver>= 11.0.0, <= 11.0.6

Related Weaknesses (CWE)

CWE-20CWE-190

References

FAQ

What is CVE-2023-2914?

CVE-2023-2914 is a vulnerability with a CVSS score of 7.5 (HIGH). The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes ...

How severe is CVE-2023-2914?

CVE-2023-2914 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-2914?

Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Thinmanager Thinserver.