Skip to main content

Factorytalk Thinmanager CVE-2026-11917

| EUVDEUVD-2026-43704 HIGH
Path Traversal (CWE-22)
2026-07-14 Rockwell GHSA-h5wg-mm35-jjgv
7.2
CVSS 4.0 · Vendor: Rockwell
Share

Severity by source

Vendor (Rockwell) PRIMARY
7.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (Rockwell) · only source for this CVE.

CVSS VectorVendor: Rockwell

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 16:01 vuln.today
CVE Published
Jul 14, 2026 - 15:07 cve.org
HIGH 7.2

DescriptionCVE.org

A path traversal security issue exists within Rockwell Automation ThinManager® software due to improper limitation of file save operations within the API. An authenticated attacker could exploit this vulnerability to write arbitrary files to restricted system directories outside of the application's intended directory.

AnalysisAI

Arbitrary file write in Rockwell Automation FactoryTalk ThinManager allows an authenticated attacker to abuse a path traversal flaw in the software's API, saving files outside the application's intended directory into restricted system locations. Because CWE-22 file-write primitives on a Windows-based OT management server commonly enable code execution or service disruption, this carries an integrity and availability impact (CVSS 4.0 base 7.2). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Recommended ActionAI

Within 24 hours, audit all FactoryTalk ThinManager installations and immediately restrict API access to essential administrative accounts; disable external connectivity and internet-facing ThinManager services. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-11917 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy