{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T05:51:25.469","vulnerabilities":[{"cve":{"id":"CVE-2025-3618","sourceIdentifier":"PSIRT@rockwellautomation.com","published":"2025-04-15T18:15:53.767","lastModified":"2025-07-14T19:17:04.757","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. The software fails to adequately verify the outcome of memory allocation while processing Type 18 messages. If exploited, a threat actor could cause a denial-of-service on the target software."},{"lang":"es","value":"Existe una vulnerabilidad de denegación de servicio en Rockwell Automation ThinManager. El software no verifica adecuadamente el resultado de la asignación de memoria al procesar mensajes de tipo 18. Si se explota, un atacante podría provocar una denegación de servicio en el software objetivo."}],"metrics":{"cvssMetricV40":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.11","matchCriteriaId":"5B3C2FCE-D93F-4EB6-A376-7F45D990CEC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndExcluding":"12.0.9","matchCriteriaId":"15BB8CC2-E068-4DE0-AFED-18A347780A6D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.10","matchCriteriaId":"6A02BD87-497D-41A4-A43E-A2C57A4EB1B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.0.7","matchCriteriaId":"854BB218-0C31-4B15-B985-667CFB4327C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.5","matchCriteriaId":"16640933-7F09-4191-99CB-5B98414C12E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.2.0","versionEndExcluding":"13.2.4","matchCriteriaId":"55443917-D3EF-4BF2-A835-5315590E3190"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndExcluding":"14.0.2","matchCriteriaId":"DFAAF709-3C91-408C-A368-EB2EA0E6B5FA"}]}]}],"references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1727.html","source":"PSIRT@rockwellautomation.com","tags":["Vendor Advisory"]}]}}]}