CVE-2023-27855
Published: 22 March 2023
Summary
CVE-2023-27855 is a critical-severity Path Traversal (CWE-22) vulnerability in Rockwell Automation ThinManager. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 1.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-27855 is a path traversal vulnerability, tracked under CWE-22, that affects Rockwell Automation ThinManager ThinServer. The flaw manifests when the software processes certain messages and permits an attacker to manipulate file paths on the system hosting ThinServer.exe.
An unauthenticated remote attacker can exploit the issue over the network to upload arbitrary files into any directory where ThinServer.exe is installed. Successful exploitation allows the attacker to overwrite legitimate executables with attacker-controlled malicious content, resulting in remote code execution with full system impact as reflected by the CVSS 9.8 score.
The vendor advisory published at https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640 details the affected versions and provides mitigation guidance along with available patches. The associated EPSS score has remained elevated, reaching a peak of 0.7401.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-31590
Vulnerability details
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed.
The attacker could overwrite existing executable files with attacker-controlled, malicious contents, potentially causing remote code execution.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.
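The control above, shown as an added example that is not Rockwell Automation's code: a blind join of a client-supplied path (the CWE-22 pattern described for this CVE) beside a containment check that resolves the path and rejects anything outside the intended root. The upload root and the sample paths are constructed for illustration; since ThinServer runs on Windows, the check also refuses drive letters and backslash-separated traversal.

```python
import os
import ntpath
from typing import Optional

UPLOAD_ROOT = "/srv/thinserver/uploads"  # constructed example root, not a real ThinServer path


def naive_join(base_dir: str, user_path: str) -> str:
    """CWE-22 pattern: the client-supplied path is joined without validation,
    so '..' segments can place the file anywhere on the disk."""
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_join(base_dir: str, user_path: str) -> Optional[str]:
    """Return the resolved target if it stays inside base_dir, otherwise None."""
    if not user_path:
        return None
    # Reject drive letters (C:\...), UNC roots and absolute paths before joining;
    # both separator styles are accepted because the server is Windows-hosted.
    if ntpath.splitdrive(user_path)[0] or user_path[0] in "/\\":
        return None
    candidate = user_path.replace("\\", "/")
    base = os.path.realpath(base_dir)
    # realpath collapses '..' and follows symlinks, so containment is checked on
    # the path the OS would actually open rather than on the raw string.
    target = os.path.realpath(os.path.join(base, candidate))
    if target == base or os.path.commonpath([base, target]) != base:
        return None
    return target


def audit(paths):
    """Run both strategies over constructed client-supplied paths."""
    return {p: (naive_join(UPLOAD_ROOT, p), safe_join(UPLOAD_ROOT, p)) for p in paths}


SAMPLE_PATHS = [  # constructed inputs, not captured traffic
    "reports/2023/log.txt",
    "../../bin/service.exe",
    "..\\..\\other\\file.txt",
    "C:\\other\\file.txt",
    "",
]

if __name__ == "__main__":
    for p, (naive, safe) in audit(SAMPLE_PATHS).items():
        print(f"{p!r:32} naive -> {naive}\n{'':32} safe  -> {safe}")
```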