What is the severity of CVE-2024-10386?

CVE-2024-10386 has been classified with a critical severity due to its potential for authentication bypass and database manipulation.

How do I fix CVE-2024-10386?

To fix CVE-2024-10386, update the Rockwell Automation ThinManager to the latest version that addresses this vulnerability.

What products are affected by CVE-2024-10386?

The affected products include various versions of Rockwell Automation ThinManager, specifically versions 11.2.0 to 11.2.10, 12.0.0 to 12.0.8, 12.1.0 to 12.1.9, 13.0.0 to 13.0.6, 13.1.0 to 13.1.4, 13.2.0 to 13.2.3, and 14.0.0.

Can CVE-2024-10386 be exploited remotely?

Yes, CVE-2024-10386 can be exploited remotely by a threat actor with network access to the affected devices.

What impact does CVE-2024-10386 have on my system?

CVE-2024-10386 could potentially allow a threat actor to manipulate the database by sending crafted messages to the device.

Vulnerability/
CVE-2024-10386

critical

9.8

CWE

306

25/10/2024

5/11/2024

CVE-2024-10386: Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability

First published: Fri Oct 25 2024(Updated: )

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

Credit: PSIRT@rockwellautomation.com

Affected Software	Affected Version	How to fix
Rockwell Automation ThinManager ThinServer	>=11.2.0<11.2.10
Rockwell Automation ThinManager ThinServer	>=12.0.0<12.0.8
Rockwell Automation ThinManager ThinServer	>=12.1.0<12.1.9
Rockwell Automation ThinManager ThinServer	>=13.0.0<13.0.6
Rockwell Automation ThinManager ThinServer	>=13.1.0<13.1.4
Rockwell Automation ThinManager ThinServer	>=13.2.0<13.2.3
Rockwell Automation ThinManager ThinServer	=14.0.0

Remedy

· If able, navigate to the ThinManager® download site https://thinmanager.com/downloads/ and upgrade to a corrected version of ThinManager® 11.2.10 12.0.8 12.1.9 13.0.6 13.1.4 13.2.3 14.0.1

Never miss a vulnerability like this again

Reference Links

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html

Frequently Asked Questions

What is the severity of CVE-2024-10386?
CVE-2024-10386 has been classified with a critical severity due to its potential for authentication bypass and database manipulation.
How do I fix CVE-2024-10386?
To fix CVE-2024-10386, update the Rockwell Automation ThinManager to the latest version that addresses this vulnerability.
What products are affected by CVE-2024-10386?
The affected products include various versions of Rockwell Automation ThinManager, specifically versions 11.2.0 to 11.2.10, 12.0.0 to 12.0.8, 12.1.0 to 12.1.9, 13.0.0 to 13.0.6, 13.1.0 to 13.1.4, 13.2.0 to 13.2.3, and 14.0.0.
Can CVE-2024-10386 be exploited remotely?
Yes, CVE-2024-10386 can be exploited remotely by a threat actor with network access to the affected devices.
What impact does CVE-2024-10386 have on my system?
CVE-2024-10386 could potentially allow a threat actor to manipulate the database by sending crafted messages to the device.

agent/title
agent/references
agent/remedy
agent/weakness
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/rockwellautomation
canonical/rockwell automation thinmanager thinserver
version/rockwell automation thinmanager thinserver/11.2.0
version/rockwell automation thinmanager thinserver/12.0.0
version/rockwell automation thinmanager thinserver/12.1.0
version/rockwell automation thinmanager thinserver/13.0.0
version/rockwell automation thinmanager thinserver/13.1.0
version/rockwell automation thinmanager thinserver/13.2.0
version/rockwell automation thinmanager thinserver/14.0.0