Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3618

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software.

Published

2025-04-15T18:15:53.767

Last Modified

2025-07-14T19:17:04.757

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	thinmanager	< 11.2.11	Yes
Application	rockwellautomation	thinmanager	< 12.0.9	Yes
Application	rockwellautomation	thinmanager	< 12.1.10	Yes
Application	rockwellautomation	thinmanager	< 13.0.7	Yes
Application	rockwellautomation	thinmanager	< 13.1.5	Yes
Application	rockwellautomation	thinmanager	< 13.2.4	Yes
Application	rockwellautomation	thinmanager	< 14.0.2	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1727.html Vendor Advisory ([email protected])