Two ThinServer vulnerabilities stand out: CVE-2023-28756 (CVSS score: 7.5) and CVE-2023-28755 (CVSS score: 9.8). Both could allow an unauthenticated, remote attacker to upload arbitrary files to the directory where ThinServer.exe is installed, and CVE-2023-28755 could additionally be used by a threat actor to replace existing executables with trojanized versions. To reduce the risk, users are urged to update to the following fixed versions: 11.0.6, 11.1.6, 11.2.7, 12.0.5, 12.1.6, and 13.0.2. ThinManager ThinServer versions 6.x through 10.x are outdated, so users running them should upgrade to a supported version. It is also advised to restrict remote access over port 2031/TCP to known thin clients and ThinManager servers.
In addition, all organizations deploying ICS infrastructure are strongly advised to ensure that these devices are not Internet-facing. Control system networks and devices should sit behind firewalls and other perimeter security controls, separated from business and other networks. Where remote access is required, it should be allowed only from restricted addresses and devices, over a private, up-to-date VPN.
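The two operational recommendations above (update to a fixed ThinServer release, and restrict 2031/TCP to known thin clients and ThinManager servers) can both be checked mechanically. The following Python block is an added example, not code from the advisory, CISA or Rockwell Automation: `classify_version()` maps an installed version string onto the fixed releases the advisory lists (treating 6.x through 10.x as unsupported), and `find_unexpected_thinserver_clients()` scans firewall log lines for TCP connections to port 2031 whose source is outside an allowlist. The log format, the function names, the allowlist ranges and the IP addresses are all constructed for this example.

```python
"""Added example (not from the advisory or the vendor): triage helpers for the
ThinManager ThinServer advisory summarised above.

1. classify_version() compares an installed ThinServer version with the fixed
   releases the advisory lists (11.0.6, 11.1.6, 11.2.7, 12.0.5, 12.1.6, 13.0.2).
2. find_unexpected_thinserver_clients() reports TCP/2031 connections from
   sources that are not known thin clients or ThinManager servers.

The log format, addresses and allowlist below are constructed for this example.
"""
import ipaddress
import re

THINSERVER_PORT = 2031  # ThinServer listening port named in the advisory

# Fixed releases from the advisory, keyed by major.minor branch.
FIXED_VERSIONS = {
    (11, 0): (11, 0, 6),
    (11, 1): (11, 1, 6),
    (11, 2): (11, 2, 7),
    (12, 0): (12, 0, 5),
    (12, 1): (12, 1, 6),
    (13, 0): (13, 0, 2),
}


def parse_version(text):
    """Turn 'major.minor.patch' into a comparable tuple of ints."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def classify_version(text):
    """Return 'fixed', 'vulnerable', 'unsupported' or 'unknown' for an installed version."""
    major, minor, patch = parse_version(text)
    if 6 <= major <= 10:
        return "unsupported"  # 6.x-10.x are outdated: upgrade to a supported branch
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return "unknown"  # branch not listed in the advisory; consult vendor notes
    return "fixed" if (major, minor, patch) >= fixed else "vulnerable"


# Constructed firewall log format:
#   "<timestamp> ACCEPT src=<ip> dst=<ip> proto=<tcp|udp> dport=<port>"
LOG_RE = re.compile(
    r"src=(?P<src>[0-9a-fA-F.:]+)\s+dst=(?P<dst>[0-9a-fA-F.:]+)"
    r"\s+proto=(?P<proto>\w+)\s+dport=(?P<dport>\d+)"
)


def build_allowlist(cidrs):
    """Known thin clients and ThinManager servers as ip_network objects (hosts or ranges)."""
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def find_unexpected_thinserver_clients(log_lines, allowlist):
    """Return (src, dst) pairs for TCP/2031 connections whose source is not allowlisted."""
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # malformed or unrelated line
        if m["proto"].lower() != "tcp" or int(m["dport"]) != THINSERVER_PORT:
            continue  # only ThinServer traffic is of interest here
        src = ipaddress.ip_address(m["src"])
        if not any(src in net for net in allowlist):
            hits.append((m["src"], m["dst"]))
    return hits


# Constructed sample data so the block runs stand-alone.
KNOWN_ENDPOINTS = ["10.20.30.0/24", "10.20.31.5", "10.20.31.6"]  # hypothetical
SAMPLE_LOG = [
    "2023-03-21T10:00:01 ACCEPT src=10.20.30.17 dst=10.20.31.5 proto=tcp dport=2031",
    "2023-03-21T10:00:02 ACCEPT src=10.20.31.6 dst=10.20.31.5 proto=tcp dport=2031",
    "2023-03-21T10:00:03 ACCEPT src=192.0.2.44 dst=10.20.31.5 proto=tcp dport=2031",
    "2023-03-21T10:00:04 ACCEPT src=192.0.2.44 dst=10.20.31.5 proto=tcp dport=443",
    "2023-03-21T10:00:05 ACCEPT src=198.51.100.9 dst=10.20.31.5 proto=udp dport=2031",
    "malformed line",
]

if __name__ == "__main__":
    for v in ("10.0.2", "11.2.6", "11.2.7", "13.0.2"):
        print(v, classify_version(v))
    allowlist = build_allowlist(KNOWN_ENDPOINTS)
    for src, dst in find_unexpected_thinserver_clients(SAMPLE_LOG, allowlist):
        print(f"unexpected ThinServer client {src} -> {dst}:{THINSERVER_PORT}")
```

In the constructed sample only the 192.0.2.44 connection on TCP/2031 is reported: allowlisted sources, other ports and UDP traffic are skipped. In practice the allowlist would come from the thin-client inventory, and the log lines from whatever firewall fronts the ThinManager server.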
https://thehackernews.com/2023/03/cisa-alerts-on-critical-security.html
https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02

