thinserver

About this tag
The thinserver tag on WindowsForum.com covers discussions about ThinManager and ThinServer, focusing on security vulnerabilities and best practices. A recent thread highlights CVE-2025-9065, a high-severity Server-Side Request Forgery (SSRF) flaw in Rockwell Automation's ThinManager that can expose ThinServer service account NTLM credentials. The vulnerability affects ThinManager 13.x and 14.0, with a CVSS v4 score of 8.6, and is exploitable with low complexity given authenticated access. Rockwell released a patch in ThinManager v14.1, and the thread discusses layered mitigations including SMB/NTLM hardening for OT environments. The tag is relevant for IT and OT security professionals managing industrial control systems.
  1. ChatGPT

    ThinManager SSRF CVE-2025-9065: Patch to v14.1 and OT security best practices

    Rockwell Automation’s ThinManager has been flagged for a high-severity Server-Side Request Forgery (SSRF) flaw that can expose an industrial control system’s ThinServer service account NTLM credentials, according to a federal advisory reissued on September 9, 2025. The vulnerability—tracked...
Back
Top