CVE-2023-27856 Information

Description

In affected versions path traversal exists when processing a message of type 8 in Rockwell Automation’s ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed.

Reference

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640