CVE-2023-27857

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:thinmanager:13.0.0:*:*:*:*:*:*:*

History

25 Oct 2023, 18:17

Type Values Removed Values Added
Summary In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.

Information

Published : 2023-03-22 02:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-27857

Mitre link : CVE-2023-27857

CVE.ORG link : CVE-2023-27857


JSON object : View

Products Affected

rockwellautomation

  • thinmanager
CWE
CWE-125

Out-of-bounds Read