cvedb.io
CVE-2023-27857
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2023-03-22T02:15:48.953 · Last modified 2026-06-17T05:45:58.620

Summary

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.

Affected products

rockwellautomation — thinmanager

Does this affect you?

Add your gear to cvedb and we'll alert you only when rockwellautomation ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.