cvedb.io
CVE-2025-3617
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2025-04-15T18:15:53.620 · Last modified 2026-06-17T09:20:18.667

Summary

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the parent directory. If exploited, a threat actor could inherit elevated privileges.

Affected products

rockwellautomation — thinmanager

Does this affect you?

Add your gear to cvedb and we'll alert you only when rockwellautomation ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.