CVE-2025-3618
Published: 2025-04-15
Priority: P4 · 23 · medium · CVSS 3.1 base score 5.5
CVSS 3.1 vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 1.41% (69.3rd percentile)
A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software.
Affected (14 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | credentials_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| msrc | azl3_libtiff_4.6.0-6_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libtiff_4.5.1-1_on_cbl_mariner_2.0 | — | — |
| rockwell_automation | thinmanager | — | — |
| rockwellautomation | thinmanager | < 11.2.11 | 11.2.11 |
| rockwellautomation | thinmanager | >= 12.0.0 < 12.0.9 | 12.0.9 |
| rockwellautomation | thinmanager | >= 12.1.0 < 12.1.10 | 12.1.10 |
| rockwellautomation | thinmanager | >= 13.0.0 < 13.0.7 | 13.0.7 |
| rockwellautomation | thinmanager | >= 13.1.0 < 13.1.5 | 13.1.5 |
| rockwellautomation | thinmanager | >= 13.2.0 < 13.2.4 | 13.2.4 |
| rockwellautomation | thinmanager | >= 14.0.0 < 14.0.2 | 14.0.2 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | 4.0 | 8.5 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_msrc | — | 6.5 | MEDIUM | — |
GHSA
GHSA-4w84-6c7g-5c25 · ghsa_unreviewed · 2025-04-15 · CVE-2025-3618 [HIGH] CWE-119
Title: A denial-of-service vulnerability exists in the Rockwell Automation ThinManager
CISA ICS
cisa_ics · 2025-04-29 · CVSS 5.5 · [MEDIUM]
ICS Advisory: Rockwell Automation ThinManager
Release Date: April 29, 2025
Alert Code: ICSA-25-119-01
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: ThinManager
- Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Default Permissions
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges and cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of ThinManager, a software management platform, are affected:
Microsoft
vendor_msrc · 2023-07-11 · CVSS 6.5 · CVE-2023-3618 [MEDIUM] CWE-120
Title: Segmentation fault in fax3encode in libtiff/tif_fax3.c
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
redhat: redhat
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://lear
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.