Human-machine interfaces for industrial equipment could be compromised with the exploitation of three recently patched vulnerabilities in Rockwell Automation's ThinManager ThinServer software, according to SecurityWeek.
Threat actors with access to the vulnerable server's network could leverage the flaws, tracked as CVE-2023-2914, CVE-2023-2915, and CVE-2023-2917, to facilitate denial-of-service attacks, arbitrary file deletion with system privileges, and arbitrary file upload to any folder on the drive containing ThinServer.exe, noted Tenable researchers, who discovered and reported the security bugs.
"Successful exploitation can allow complete attacker control of the ThinServer. The real-world impact of this access depends on the environment, server configuration, and the content types the server is configured on and intended to access," said Tenable, which added that while the flaws could be used to access HMIs, they could also be leveraged to compromise other network assets.
Organizations have also been warned by the Cybersecurity and Infrastructure Security Agency regarding the flaws.
Industrial HMIs at risk of attacks exploiting Rockwell ThinManager vulnerabilities