Security Advisory

CVE-2025-9065

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-09 12:51:42

Last updated 2025-09-09 13:23:24

Assigner Rockwell

State PUBLISHED

Description

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash.

← Browse all CVEs View on cve.org ↗