Rockwell Automation Integer Overflow Vulnerability

Rockwell Automation’s ThinManager is designed for managing thin clients, mobile devices, cameras, and industrial devices. It comprises client and server components: the client facilitates device configuration, while the server handles data transfer and client requests. To maintain data consistency across the system, ThinManager servers synchronize using messages sent over TCP port 2031.

These messages use a proprietary protocol and begin with a Type value; Type 13 messages are the ones of particular interest here. A significant vulnerability, specifically an integer overflow, has been identified in the Rockwell Automation ThinManager ThinServer. It stems from improper validation of input, particularly when processing Type 13 synchronization messages.

Source: Sonicwall