9.8 CRITICAL
CVE-2024-10386
Rockwell Automation ThinManager Database Manipulation Authentication Bypass
Description

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

INFO

Published Date: Oct. 25, 2024, 5:15 p.m.
Last Modified: Nov. 5, 2024, 8:07 p.m.
Remotely Exploitable: Yes (CVSS v3.1 Attack Vector: Network, no privileges or user interaction required)
Impact Subscore (CVSS v3.1): 5.9
Exploitability Subscore (CVSS v3.1): 3.9
Public PoC/Exploit Available at GitHub

CVE-2024-10386 has 2 public PoC/exploit repositories on GitHub; they are listed in the Public Exploits section below.

Affected Products

The following product is affected by CVE-2024-10386. The version ranges below are taken from the NVD CPE configuration recorded in the change history further down this page; each range runs from the first listed version (inclusive) up to, but excluding, the first fixed version of that branch, and 14.0.0 is listed as a single affected version rather than a range.

ID | Vendor | Product | Affected versions
1 | Rockwell Automation | ThinManager | 11.2.0 to < 11.2.10; 12.0.0 to < 12.0.8; 12.1.0 to < 12.1.9; 13.0.0 to < 13.0.6; 13.1.0 to < 13.1.4; 13.2.0 to < 13.2.3; 14.0.0
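As an added example, not part of the cvefeed.io page or of Rockwell Automation's own tooling, the script below turns the NVD CPE version ranges above into an inventory check: it parses dotted version strings, tests each one against the inclusive/exclusive ranges, and reports the first fixed release in the matching branch. Assumptions: the inventory mapping and host names are constructed sample data; 14.0.0 is carried as an exact match because NVD lists no fixed upper bound for it, so the script points to the vendor advisory SD1708 instead of guessing a fix version; a version outside every listed range is reported as not affected only because NVD's configuration does not list it, which is not the same as the vendor stating it is safe.

```python
# Affected-version check for CVE-2024-10386 built from the NVD CPE configuration
# recorded on this page. Each range is (first affected version inclusive,
# first fixed version exclusive), exactly as NVD expresses it.
from typing import Dict, Optional, Tuple

Version = Tuple[int, ...]

AFFECTED_RANGES = [
    ("11.2.0", "11.2.10"),
    ("12.0.0", "12.0.8"),
    ("12.1.0", "12.1.9"),
    ("13.0.0", "13.0.6"),
    ("13.1.0", "13.1.4"),
    ("13.2.0", "13.2.3"),
]
# 14.0.0 is listed by NVD as a single affected version, with no fixed bound given.
AFFECTED_EXACT = ["14.0.0"]


def parse_version(s: str) -> Version:
    """'13.1.3' -> (13, 1, 3). Anything that is not dotted integers is rejected
    rather than silently compared, so a malformed inventory entry surfaces."""
    s = s.strip()
    parts = s.split(".")
    if not s or any(not p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {s!r}")
    return tuple(int(p) for p in parts)


def _pad(v: Version, n: int) -> Version:
    """Right-pad with zeros so '11.2' compares as '11.2.0'."""
    return v + (0,) * (n - len(v))


def _in_range(v: Version, lo: str, hi: str) -> bool:
    lo_v, hi_v = parse_version(lo), parse_version(hi)
    n = max(len(v), len(lo_v), len(hi_v))
    return _pad(lo_v, n) <= _pad(v, n) < _pad(hi_v, n)


def is_affected(version: str) -> bool:
    """True if the version falls inside any NVD range or equals an exact entry."""
    v = parse_version(version)
    if any(_in_range(v, lo, hi) for lo, hi in AFFECTED_RANGES):
        return True
    for exact in AFFECTED_EXACT:
        ev = parse_version(exact)
        n = max(len(v), len(ev))
        if _pad(v, n) == _pad(ev, n):
            return True
    return False


def fixed_version_for(version: str) -> Optional[str]:
    """First fixed release in the affected branch (the range's exclusive upper
    bound). None when the version is not affected or, as for 14.0.0, when NVD
    records no fixed bound; in that case consult the vendor advisory."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if _in_range(v, lo, hi):
            return hi
    return None


def triage(inventory: Dict[str, str]) -> Dict[str, Optional[str]]:
    """host -> installed version in, {host: fix-or-None} for affected hosts out."""
    return {host: fixed_version_for(ver) for host, ver in inventory.items() if is_affected(ver)}


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are made up.
    sample = {
        "tm-plant-a": "13.1.3",   # affected, fixed in 13.1.4
        "tm-plant-b": "13.1.4",   # first fixed release, not affected
        "tm-lab": "14.0.0",       # affected, no fixed bound in NVD data
        "tm-old": "11.2.9",       # affected, fixed in 11.2.10
        "tm-newer": "14.0.1",     # not listed by NVD
    }
    for host, fix in triage(sample).items():
        print(f"{host}: affected; first fixed release: {fix or 'not in NVD data, see advisory SD1708'}")
```

Hosts that come back as not affected but run a version NVD never enumerated (older than 11.2.0, or newer than 14.0.0) should be checked against the vendor advisory rather than assumed clean.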
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-10386.

URL | Resource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html | Vendor Advisory (Rockwell Automation SD1708)

Public Exploits

We scan GitHub repositories to detect new proof-of-concept exploits. The following public exploits and proof-of-concepts have been published on GitHub (sorted by most recently updated). The repository names were not captured in this copy of the page, so only their metadata is listed; verify the contents of each before treating it as a working exploit.

  • Repository 1 (name not captured): created Nov. 18, 2024, 4:07 p.m.; 2 stars, 0 forks, 0 watchers; linked to 1 CVE.
  • Repository 2 (name not captured): created Nov. 18, 2024, 3:39 p.m.; 0 stars, 0 forks, 0 watchers; linked to 1 CVE.

News Mentions

The following news articles mention CVE-2024-10386 somewhere in their text. Only the Dark Reading excerpt concerns the Rockwell Automation vulnerabilities directly; the other items are daily CVE alerts, weekly recaps, or unrelated stories that reference the CVE in passing.

  • Cybersecurity News: CVE Alert on November 18th, 2024
    by do son · Published November 18, 2024 · Updated November 18, 2024 ...
    Published Date: Nov 18, 2024

  • Cybersecurity News: LodaRAT Strikes Again: New Campaign Targets Global Victims with Updated Capabilities
    Researchers at Rapid7 have uncovered a fresh campaign using LodaRAT, a well-known remote access tool (RAT) that has been active since 2016. Initially developed for information gathering, LodaRAT has b ...
    Published Date: Nov 15, 2024

  • Cybersecurity News: RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
    Researchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique cod ...
    Published Date: Nov 14, 2024

  • The Hacker News: THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)
    This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and ...
    Published Date: Nov 04, 2024

  • Dark Reading: Critical Auth Bugs Expose Smart Factory Gear to Cyberattack
    Critical security vulnerabilities affecting factory automation software from Mitsubishi Electric and Rockwell Automation could variously allow remote code ex ...
    Published Date: Nov 01, 2024

Vulnerability History

The following table lists the changes that have been made to the CVE-2024-10386 record over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected], Nov. 05, 2024

    Action | Type | Old Value | New Value
    Added | CVSS V3.1 | | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed | Reference Type | https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html (No Types Assigned) | https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html (Vendor Advisory)
    Added | CWE | | NIST NVD-CWE-noinfo
    Added | CPE Configuration | | OR (any one of the following):
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 11.2.0 up to (excluding) 11.2.10
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 12.0.0 up to (excluding) 12.0.8
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 12.1.0 up to (excluding) 12.1.9
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 13.0.0 up to (excluding) 13.0.6
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 13.1.0 up to (excluding) 13.1.4
      cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:* versions from (including) 13.2.0 up to (excluding) 13.2.3
      cpe:2.3:a:rockwellautomation:thinmanager:14.0.0:*:*:*:*:*:*:*

  • CVE Received by [email protected], Oct. 25, 2024

    Action | Type | Old Value | New Value
    Added | Description | | CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.
    Added | Reference | | Rockwell Automation https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html [No types assigned]
    Added | CWE | | Rockwell Automation CWE-306
    Added | CVSS V3.1 | | Rockwell Automation AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Added | CVSS V4.0 | | Rockwell Automation CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. [The EPSS score history chart for CVE-2024-10386 is not reproduced here.]
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-10386 is associated with the following CWEs:

  • CWE-306: Missing Authentication for Critical Function, assigned by the CNA (Rockwell Automation). NIST's own analysis recorded NVD-CWE-noinfo, meaning no more specific weakness was assigned on the NVD side; the CNA mapping is the informative one and is consistent with the description of unauthenticated crafted messages leading to database manipulation.

Common Attack Pattern Enumeration and Classification (CAPEC)

No CAPEC entries are recorded for this CVE on this page.

CVSS31 - Vulnerability Scoring System

Vector (NIST and Rockwell Automation agree): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (Critical).

Metric | Value
Attack Vector | Network
Attack Complexity | Low
Privileges Required | None
User Interaction | None
Scope | Unchanged
Confidentiality | High
Integrity | High
Availability | High