Cyber Resilience

CVE-2024-45826

Severity: High

Published: 12 September 2024
Modified: 02 October 2024
KEV Added: not listed
Patch: Rockwell Automation advisory SD1700
CVSS v4.0 base score: 8.5 (High)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0334 (87.6th percentile)
Risk priority: 19 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-45826 is a high-severity Externally Controlled Reference to a Resource in Another Sphere (CWE-610) vulnerability in Rockwell Automation ThinManager. Its CVSS v4.0 base score is 8.5 (High).

Operationally, its EPSS score places it in the top 12.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-45826 is a path traversal and remote code execution vulnerability stemming from improper input validation in ThinManager when the software processes a crafted POST request. Successful exploitation allows an attacker to install an executable file on the affected system. The flaw is tracked under CWE-610 and carries a CVSS 4.0 score of 8.5.

An attacker with high privileges (PR:H) can send a malicious POST request over the network (AV:N) to trigger the issue, achieving code execution after limited user interaction (UI:P). No additional attack conditions are required (AT:N) beyond crafting the request, which targets the ThinManager component directly.

The vendor has published Rockwell Automation security advisory SD1700 to address the issue. The EPSS score rose from a low baseline to a peak of 0.0551 on 2025-12-11 before receding to the current value of 0.0334, indicating a temporary rise in estimated exploitation likelihood after disclosure.

Vulnerability details

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file.

CWE(s)

CWE-610: Externally Controlled Reference to a Resource in Another Sphere

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: Rockwell Automation
Product: ThinManager
Affected versions: 13.1.0 to 13.1.3; 13.2.0 to 13.2.2

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses: CWE-610

Limits the impact of an externally controlled reference to a primary information resource by switching to an identified safe alternative.
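The control above is abstract, so here is an added illustration of what it means for the weakness class on this page: a server that takes a directory and filename from a POST body must resolve the reference before checking it, confine it to an allowed root, and refuse executable content. This is example code written for this record, not ThinManager or Rockwell Automation code, and it does not reproduce the actual flaw; the upload root, extension lists and request bodies are constructed for the demonstration.

```python
"""Defensive handling of client-supplied file references (CWE-610 / path traversal).

Added illustration only: not ThinManager code and not a description of the real
flaw. It shows the checks a server should apply before acting on a path or
filename taken from a POST body.
"""
import os
from typing import Optional

# Constructed values for the example; a real service would load these from config.
UPLOAD_ROOT = "/srv/app/uploads"
ALLOWED_EXTENSIONS = {".txt", ".csv", ".pdf", ".png"}
BLOCKED_EXTENSIONS = {".exe", ".dll", ".msi", ".bat", ".cmd", ".ps1", ".scr"}


def resolve_within(base_dir: str, client_path: str) -> Optional[str]:
    """Return the absolute path for client_path if it lies strictly under base_dir, else None.

    The check runs on the fully resolved candidate, so '..' segments, absolute
    paths and symlinks are all evaluated after normalisation rather than by
    string matching on the raw input.
    """
    if not client_path or "\x00" in client_path:
        return None
    base = os.path.realpath(base_dir)
    # os.path.join discards base when client_path is absolute, which is exactly
    # why the containment test must be applied to the resolved result.
    candidate = os.path.realpath(os.path.join(base, client_path))
    try:
        if os.path.commonpath([base, candidate]) != base:
            return None
    except ValueError:  # different drives on Windows
        return None
    if candidate == base:  # the root itself is a directory, not a valid target file
        return None
    return candidate


def is_allowed_filename(filename: str) -> bool:
    """Accept only a bare filename with an allowlisted extension; deny executables outright."""
    if not filename or os.path.basename(filename) != filename:
        return False
    ext = os.path.splitext(filename)[1].lower()
    if ext in BLOCKED_EXTENSIONS:
        return False
    return ext in ALLOWED_EXTENSIONS


def vet_upload_request(form: dict) -> Optional[str]:
    """Validate a parsed POST form {'path': <subdir>, 'name': <file>}.

    Returns the vetted absolute target path, or None when the request must be
    rejected. The filename check runs first so an executable is refused even
    when the directory part is harmless.
    """
    name = form.get("name", "")
    if not is_allowed_filename(name):
        return None
    relative = os.path.join(form.get("path", ""), name)
    return resolve_within(UPLOAD_ROOT, relative)


# Constructed sample requests: one benign, two traversal attempts, one executable.
SAMPLE_REQUESTS = [
    {"path": "reports", "name": "q3.csv"},
    {"path": "../../etc", "name": "passwd.txt"},
    {"path": "/etc", "name": "passwd.txt"},
    {"path": "", "name": "agent.exe"},
]


def triage(requests: list) -> list:
    """Return the decision for each request: the vetted path or 'REJECT'."""
    return [vet_upload_request(r) or "REJECT" for r in requests]


if __name__ == "__main__":
    for req, decision in zip(SAMPLE_REQUESTS, triage(SAMPLE_REQUESTS)):
        print(f"{req!r:45} -> {decision}")
```

The two checks are deliberately independent: extension allowlisting stops an executable from being written even into a legitimate directory, and root containment stops a legitimate filename from landing outside the upload area. Both operate on the normalised form, which is the difference between validating input and validating the reference the input actually produces.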
