The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.
Conclusion & alert: CVE-2023-2914 is rated High Risk (67.7/100): CVSS High severity, with high exploitation likelihood (EPSS 27.01%, 98th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +3.47% over the last day, indicating growing attacker interest. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-23 | 23.54% | 27.01% | +3.47% |
| 2 | 2026-06-15 | 26.94% | 23.54% | -3.40% |
| 3 | 2026-06-13 | — | 26.94% | — |
Full EPSS history (18 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 3.1 | HIGH |
|
3.9 | 3.6 | [email protected] |
| 7.5 | 3.1 | HIGH |
|
3.9 | 3.6 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| rockwellautomation | thinmanager_thinserver | >= 11.0.0, <= 11.0.6 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | >= 11.1.0, <= 11.1.6 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | >= 11.2.0, <= 11.2.7 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | >= 12.0.0, <= 12.0.5 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | >= 12.1.0, <= 12.1.6 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | >= 13.0.0, <= 13.0.2 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:* |
| rockwellautomation | thinmanager_thinserver | 13.1.0 | cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 | Permissions Required |