- Description
- A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the parent directory. If exploited, a threat actor could inherit elevated privileges.
- Source
- PSIRT@rockwellautomation.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
- Hype score
- Not currently trending
CVE-2025-3617 A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the A… https://t.co/wXjkje04R8
@CVEnew
15 Apr 2025
313 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-3617: HIGH] A privilege escalation flaw in Rockwell Automation ThinManager allows attackers to gain elevated system access by inheriting permissions. #CyberSecurity#cve,CVE-2025-3617,#cybersecurity https://t.co/HgUb3ZPdFf https://t.co/GQvdjizz5R
@CveFindCom
15 Apr 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes