Unrated severity · NVD Advisory · Published Sep 23, 2022 · Updated May 22, 2025
Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack
CVE-2022-38742
Description
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 are vulnerable to a heap-based buffer overflow. An attacker could send a specially crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
Affected products
- (no CPE) range: >=11.0.0, <=13.0.0
- (no CPE) range: 11.0.0
References
- rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136847 (mitre, x_refsource_MISC)