All news with #thinmanager tag

Rockwell ThinManager SSRF Exposes NTLM Hashes Remotely

🔒 Rockwell Automation’s ThinManager contains a server-side request forgery (SSRF) vulnerability (CVE-2025-9065) affecting versions 13.0 through 14.0 that can expose the ThinServer service account NTLM hash. Authenticated attackers can trigger SMB authentication by specifying external SMB paths, causing NTLM challenge/response data to be leaked. Rockwell addressed the issue in ThinManager 14.1 and recommends upgrading; temporary mitigations include blocking NTLM over SMB, isolating control networks, and using secure remote access.