All the vulnerabilites related to PTC - ThingWorx Industrial Connectivity
cve-2023-5908
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03 | government-resource |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.586Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "OPC-Aggregator", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Edge", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "1.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "KEPServer Enterprise", "vendor": "Rockwell Automation ", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Industrial Gateway Server", "vendor": "GE Gigital", "versions": [ { "lessThanOrEqual": "7.614", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "TOP Server", "vendor": "Software Toolbox", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Shawn Hoffman" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eKEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.\u003c/p\u003e\u003cbr\u003e\n\n" } ], "value": "\n\n\n\n\nKEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-Based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-30T22:03:58.098Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cp\u003ePTC has released and recommends users to update to the following versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eKEPServerEX should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Server should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\u003c/li\u003e\u003cli\u003eOPC-Aggregator should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Edge: Upgrade to v1.8 or later\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eRefer to secure configuration guide \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide\"\u003ehere\u003c/a\u003e\u003c/p\u003e\u003cp\u003eIf additional questions remain, please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log?\"\u003ePTC Technical Support\u003c/a\u003e\u003c/p\u003e\u003cp\u003eFor more information, see PTC\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS405439\"\u003eadvisory\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e" } ], "value": "\nPTC has released and recommends users to update to the following versions:\n\n * KEPServerEX should upgrade to v6.15 or later\n * ThingWorx Kepware Server should upgrade to v6.15 or later\n * ThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\n * OPC-Aggregator should upgrade to v6.15 or later\n * ThingWorx Kepware Edge: Upgrade to v1.8 or later\n\n\nRefer to secure configuration guide here https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide \n\nIf additional questions remain, please contact PTC Technical Support https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log \n\nFor more information, see PTC\u0027s advisory https://www.ptc.com/en/support/article/CS405439 .\n\n\n\n\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Heap Based Buffer Overflow in PTC KEPServerEx", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2023-5908", "datePublished": "2023-11-30T22:03:58.098Z", "dateReserved": "2023-11-01T16:18:42.353Z", "dateUpdated": "2024-08-02T08:14:24.586Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29446
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03 | government-resource | |
https://www.ptc.com/en/support/article/cs399528 | vendor-advisory | |
https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.304Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "tags": [ "x_transferred" ], "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-29446", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-14T17:23:25.379414Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-14T17:23:37.514Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "8.5", "status": "affected", "version": "8.0", "versionType": "0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Sam Hanson of Dragos" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline.\u0026nbsp;" } ], "value": "An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline." } ], "impacts": [ { "capecId": "CAPEC-644", "descriptions": [ { "lang": "en", "value": "CAPEC-644 Use of Captured Hashes (Pass The Hash)" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-40", "description": "CWE-40: Path Traversal: \u0027\\\\UNC\\share\\name\\\u0027 (Windows UNC Share)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:13:16.725Z", "orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "shortName": "Dragos" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Improper Input Validation in PTC\u0027s Kepware KEPServerEX", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "assignerShortName": "Dragos", "cveId": "CVE-2023-29446", "datePublished": "2024-01-10T20:21:51.434Z", "dateReserved": "2023-04-06T17:45:40.441Z", "dateUpdated": "2024-11-14T17:23:37.514Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5909
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03 | government-resource |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unaffected", "product": "OPC-Aggregator", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Edge", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "1.7", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "KEPServer Enterprise", "vendor": "Rockwell Automation ", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Industrial Gateway Server", "vendor": "GE Gigital", "versions": [ { "lessThanOrEqual": "7.614", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "TOP Server", "vendor": "Software Toolbox", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Shawn Hoffman" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eKEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.\u003c/p\u003e\u003cbr\u003e\n\n\u003cbr\u003e\n\n" } ], "value": "\n\n\n\n\n\n\n\n\nKEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.\n\n\n\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-297", "description": "CWE-297 Improper Validation of Certificate with Host Mismatch", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-30T22:05:59.595Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cp\u003ePTC has released and recommends users to update to the following versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eKEPServerEX should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Server should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\u003c/li\u003e\u003cli\u003eOPC-Aggregator should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Edge: Upgrade to v1.8 or later\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eRefer to secure configuration guide \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide\"\u003ehere\u003c/a\u003e\u003c/p\u003e\u003cp\u003eIf additional questions remain, please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log?\"\u003ePTC Technical Support\u003c/a\u003e\u003c/p\u003e\u003cp\u003eFor more information, see PTC\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS405439\"\u003eadvisory\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e" } ], "value": "\nPTC has released and recommends users to update to the following versions:\n\n * KEPServerEX should upgrade to v6.15 or later\n * ThingWorx Kepware Server should upgrade to v6.15 or later\n * ThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\n * OPC-Aggregator should upgrade to v6.15 or later\n * ThingWorx Kepware Edge: Upgrade to v1.8 or later\n\n\nRefer to secure configuration guide here https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide \n\nIf additional questions remain, please contact PTC Technical Support https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log \n\nFor more information, see PTC\u0027s advisory https://www.ptc.com/en/support/article/CS405439 .\n\n\n\n\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2023-5909", "datePublished": "2023-11-30T22:05:59.595Z", "dateReserved": "2023-11-01T16:18:45.060Z", "dateUpdated": "2024-08-02T08:14:24.693Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0754
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:24:34.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ThingWorx Edge C-SDK", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v2.2.12.1052 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": ".NET-SDK", "vendor": "Microsoft", "versions": [ { "lessThanOrEqual": "v5.8.4.971 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Edge MicroServer (EMS)", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v5.4.10.0 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v6.12 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Server ", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v6.12 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "status": "affected", "version": "All Versions " } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Edge", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v1.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "KEPServer Enterprise ", "vendor": "Rockwell Automation ", "versions": [ { "lessThanOrEqual": "v6.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Digital Industrial Gateway Server ", "vendor": "General Electric ", "versions": [ { "lessThanOrEqual": "v7.612", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Chris Anastasio and Steven Seeley of Incite Team reported these vulnerabilities to CISA." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe affected products are vulnerable to an integer\noverflow or wraparound, which could \u0026nbsp;allow an attacker to crash the server and remotely\nexecute arbitrary code.\u003c/p\u003e\n\n\n\n\n\n\u003cp\u003e\u003c/p\u003e\n\n\n\n\n\n" } ], "value": "\nThe affected products are vulnerable to an integer\noverflow or wraparound, which could \u00a0allow an attacker to crash the server and remotely\nexecute arbitrary code.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-23T21:27:09.964Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003ePTC has released the following resolutions:\u003c/p\u003e\n\n\u003cp\u003eUpdate the impacted product to the latest version:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge C-SDK: 3.0.0 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\n.NET-SDK: v5.8.5 or later.\u003c/p\u003e\n\n\u003cp\u003eFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is \u003cb\u003enot\u003c/b\u003e enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nKepware KEPServerEX: v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Edge: v1.6 or later.\u003c/p\u003e\n\n\u003cp\u003eThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\u003c/p\u003e\n\n\u003cp\u003eFor\nmore information see PTC\u2019s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS385715\"\u003eCustomer Support Article\n\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "PTC has released the following resolutions:\n\n\n\nUpdate the impacted product to the latest version:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge C-SDK: 3.0.0 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\n.NET-SDK: v5.8.5 or later.\n\n\n\nFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is not enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nKepware KEPServerEX: v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Edge: v1.6 or later.\n\n\n\nThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\n\n\n\nFor\nmore information see PTC\u2019s Customer Support Article\n.\n\n\n\n\n\n\n\n\n" } ], "source": { "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2023-0754", "datePublished": "2023-02-23T21:27:09.964Z", "dateReserved": "2023-02-08T20:15:58.394Z", "dateUpdated": "2024-08-02T05:24:34.053Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29447
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03 | government-resource | |
https://www.ptc.com/en/support/article/cs399528 | vendor-advisory | |
https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "tags": [ "x_transferred" ], "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "8.5", "status": "affected", "version": "8.0", "versionType": "0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Sam Hanson of Dragos" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication." } ], "value": "An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication." } ], "impacts": [ { "capecId": "CAPEC-94", "descriptions": [ { "lang": "en", "value": "CAPEC-94 Man in the Middle Attack" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-11T15:45:53.226Z", "orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "shortName": "Dragos" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Insufficiently Protected Credentials in PTC\u0027s Kepware KEPServerEX", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "assignerShortName": "Dragos", "cveId": "CVE-2023-29447", "datePublished": "2024-01-10T20:24:52.983Z", "dateReserved": "2023-04-06T17:45:40.441Z", "dateUpdated": "2024-09-11T15:45:53.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29445
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03 | government-resource | |
https://www.ptc.com/en/support/article/cs399528 | vendor-advisory | |
https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.126Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "tags": [ "x_transferred" ], "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "8.5", "status": "affected", "version": "8.0", "versionType": "0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Sam Hanson of Dragos" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM." } ], "value": "An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-10T20:17:12.837Z", "orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "shortName": "Dragos" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory" ], "url": "https://www.ptc.com/en/support/article/cs399528" }, { "url": "https://www.dragos.com/advisory/ptcs-kepserverex-vulnerabilities/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Uncontrolled Search Path Element in PTC\u0027s Kepware KEPServerEX", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "assignerShortName": "Dragos", "cveId": "CVE-2023-29445", "datePublished": "2024-01-10T20:17:12.837Z", "dateReserved": "2023-04-06T17:45:40.441Z", "dateUpdated": "2024-08-02T14:07:46.126Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0755
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:24:34.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ThingWorx Edge C-SDK", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v2.2.12.1052 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": ".NET-SDK", "vendor": "Microsoft", "versions": [ { "lessThanOrEqual": "v5.8.4.971 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Edge MicroServer (EMS)", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v5.4.10.0 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v6.12 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Server ", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v6.12 ", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "status": "affected", "version": "All Versions " } ] }, { "defaultStatus": "unaffected", "product": "ThingWorx Kepware Edge", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "v1.5", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "KEPServer Enterprise ", "vendor": "Rockwell Automation ", "versions": [ { "lessThanOrEqual": "v6.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Digital Industrial Gateway Server ", "vendor": "General Electric ", "versions": [ { "lessThanOrEqual": "v7.612", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Chris Anastasio and Steven Seeley of Incite Team reported these vulnerabilities to CISA." } ], "datePublic": "2023-02-23T17:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.\u003c/span\u003e\n\n" } ], "value": "\nThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-23T21:23:19.210Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003ePTC has released the following resolutions:\u003c/p\u003e\n\n\u003cp\u003eUpdate the impacted product to the latest version:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge C-SDK: 3.0.0 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\n.NET-SDK: v5.8.5 or later.\u003c/p\u003e\n\n\u003cp\u003eFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is \u003cb\u003enot\u003c/b\u003e enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nKepware KEPServerEX: v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Edge: v1.6 or later.\u003c/p\u003e\n\n\u003cp\u003eThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\u003c/p\u003e\n\n\u003cp\u003eFor\nmore information see PTC\u2019s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS385715\"\u003eCustomer Support Article\n\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e" } ], "value": "PTC has released the following resolutions:\n\n\n\nUpdate the impacted product to the latest version:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge C-SDK: 3.0.0 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\n.NET-SDK: v5.8.5 or later.\n\n\n\nFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is not enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nKepware KEPServerEX: v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Edge: v1.6 or later.\n\n\n\nThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\n\n\n\nFor\nmore information see PTC\u2019s Customer Support Article\n.\n\n\n\n\n\n\n\n\n" } ], "source": { "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2023-0755", "datePublished": "2023-02-23T21:23:19.210Z", "dateReserved": "2023-02-08T20:21:34.258Z", "dateUpdated": "2024-08-02T05:24:34.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29444
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03 | government-resource | |
https://www.ptc.com/en/support/article/cs399528 | vendor-advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "government-resource", "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ptc.com/en/support/article/cs399528" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "Kepware KEPServerEX", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Kepware Server", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "6.14.263.0", "status": "affected", "version": "0", "versionType": "0" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Windows" ], "product": "ThingWorx Industrial Connectivity", "vendor": "PTC", "versions": [ { "lessThanOrEqual": "8.5", "status": "affected", "version": "8.0", "versionType": "0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Sam Hanson of Dragos" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and code execution." } ], "value": "An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and code execution." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-10T17:06:35.965Z", "orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "shortName": "Dragos" }, "references": [ { "tags": [ "government-resource" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03" }, { "tags": [ "vendor-advisory" ], "url": "https://www.ptc.com/en/support/article/cs399528" } ], "source": { "discovery": "EXTERNAL" }, "title": "Uncontrolled Search Path Element in PTC\u0027s Kepware KEPServerEX", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef", "assignerShortName": "Dragos", "cveId": "CVE-2023-29444", "datePublished": "2024-01-10T17:06:35.965Z", "dateReserved": "2023-04-06T17:45:40.441Z", "dateUpdated": "2024-08-02T14:07:46.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202302-1832
Vulnerability from variot
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. General Electric Company of digital industrial gateway server Products from other vendors contain array index validation vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PTC ThingWorx Edge is a complete end-to-end technology platform designed for the Industrial Internet of Things (IIoT) by PTC Corporation of the United States
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1832", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kepserver enterprise", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.12" }, { "model": "thingworx edge microserver", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "5.4.10.0" }, { "model": "kepware server", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "6.12" }, { "model": "thingworx edge c-sdk", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "2.2.12.1052" }, { "model": "thingworx kepware edge", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "1.5" }, { "model": "kepware serverex", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "6.12" }, { "model": "thingworx .net-sdk", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "5.8.4.971" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "digital industrial gateway server", "scope": "lte", "trust": 1.0, "vendor": "ge", "version": "7.612" }, { "model": "thingworx edge microserver", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "thingworx kepware edge", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "digital industrial gateway server", "scope": null, "trust": 0.8, "vendor": "general electric", "version": null }, { "model": "thingworx .net-sdk", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepware serverex", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepserver enterprise", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "thingworx edge c-sdk", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "thingworx industrial connectivity", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepware server", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_edge:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_.net-sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.8.4.971", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_edge_c-sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.2.12.1052", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_edge_microserver:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.4.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_serverex:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ge:digital_industrial_gateway_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.612", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-0755" } ] }, "cve": "CVE-2023-0755", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-0755", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2023-0755", "trust": 1.8, "value": "CRITICAL" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2023-0755", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202302-1961", "trust": 0.6, "value": "CRITICAL" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "\nThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. General Electric Company of digital industrial gateway server Products from other vendors contain array index validation vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PTC ThingWorx Edge is a complete end-to-end technology platform designed for the Industrial Internet of Things (IIoT) by PTC Corporation of the United States", "sources": [ { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "CNNVD", "id": "CNNVD-202302-1961" }, { "db": "VULHUB", "id": "VHN-454621" }, { "db": "VULMON", "id": "CVE-2023-0755" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-0755", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-23-054-01", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU92776796", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-004515", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2023.1203", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202302-1961", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-454621", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2023-0755", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-454621" }, { "db": "VULMON", "id": "CVE-2023-0755" }, { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "id": "VAR-202302-1832", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-454621" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:54:30.275000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "PTC ThingWorx Edge Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234214" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-129", "trust": 1.1 }, { "problemtype": "Improper validation of array indexes (CWE-129) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-454621" }, { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92776796/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0755" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-0755/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1203" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/129.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-454621" }, { "db": "VULMON", "id": "CVE-2023-0755" }, { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-454621" }, { "db": "VULMON", "id": "CVE-2023-0755" }, { "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "db": "NVD", "id": "CVE-2023-0755" }, { "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-23T00:00:00", "db": "VULHUB", "id": "VHN-454621" }, { "date": "2023-02-23T00:00:00", "db": "VULMON", "id": "CVE-2023-0755" }, { "date": "2023-10-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "date": "2023-02-23T22:15:11.427000", "db": "NVD", "id": "CVE-2023-0755" }, { "date": "2023-02-23T00:00:00", "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-03-03T00:00:00", "db": "VULHUB", "id": "VHN-454621" }, { "date": "2023-02-23T00:00:00", "db": "VULMON", "id": "CVE-2023-0755" }, { "date": "2023-10-31T01:55:00", "db": "JVNDB", "id": "JVNDB-2023-004515" }, { "date": "2023-11-07T04:01:23.837000", "db": "NVD", "id": "CVE-2023-0755" }, { "date": "2023-04-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202302-1961" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1961" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "General\u00a0Electric\u00a0Company\u00a0 of \u00a0digital\u00a0industrial\u00a0gateway\u00a0server\u00a0 Vulnerability related to array index validation in products from other vendors", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004515" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1961" } ], "trust": 0.6 } }
var-202101-0378
Vulnerability from variot
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 ‥ * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 ‥ * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0378", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.8" }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.9.572.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.68.804" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.504.0" }, { "model": "top server", "scope": "gte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.66" }, { "model": "top server", "scope": "lte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.9" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "industrial gateway server", "scope": "eq", "trust": 0.8, "vendor": "ge digital", "version": "version 7.68.804 \u304a\u3088\u3073 version 7.66" }, { "model": "kepserverex", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.0 \u304b\u3089 version 6.9" }, { "model": "kepware linkmaster", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 3.0.94.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.8 \u304a\u3088\u3073 version 6.9" }, { "model": "kepserver enterprise", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "top server", "scope": "eq", "trust": 0.8, "vendor": "toolbox", "version": "6\u7cfb\u306e\u3059\u3079\u3066" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.9", "versionStartIncluding": "6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-27263" } ] }, "cve": "CVE-2020-27263", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-370749", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.1, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.3, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 2.4, "value": "Critical" }, { "author": "NVD", "id": "CVE-2020-27263", "trust": 1.0, "value": "CRITICAL" }, { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202012-1301", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-370749", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-370749" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" }, { "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. \u2025 * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 \u2025 * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 \u2025 * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 \u2025 * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform", "sources": [ { "db": "NVD", "id": "CVE-2020-27263" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "VULHUB", "id": "VHN-370749" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ICS CERT", "id": "ICSA-20-352-02", "trust": 2.5 }, { "db": "NVD", "id": "CVE-2020-27263", "trust": 2.5 }, { "db": "JVN", "id": "JVNVU98489812", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-20-352-03", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-010092", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202012-1301", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.4481", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-370749", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370749" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" }, { "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "id": "VAR-202101-0378", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-370749" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:07:19.688000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Customer Center", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/cc_login?starturl=%2fen_us%2fdownload%2figs-industrial-gateway-server-v7-xx" }, { "title": "GE Digital Product Security Advisory", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/servlet/filefield?returl=%2fcommunities%2fapex%2fknowledgedetail%3fid%3dka20h0000000dpqcaa%26lang%3den_us%26type%3darticle__kav\u0026entityid=ka20h00000013uhaaq\u0026field=file_1__body__s" }, { "title": "My Kepware Customer Self-Service Portal", "trust": 0.8, "url": "https://my.kepware.com/s/login/?ec=302\u0026starturl=%2fs%2f" }, { "title": "PTC eSupport", "trust": 0.8, "url": "https://support.ptc.com/appserver/common/login/ssl/login.jsp?dest=%2fappserver%2fcs%2fportal%2f\u0026msg=1" }, { "title": "Kepserver Enterprise", "trust": 0.8, "url": "https://rockwellautomation.custhelp.com/app/products/detail/categoryrecordid/rn_product_611/p/611/~/kepserver-enterprise" }, { "title": "CISA Advisory ICSA-20-352-02 - TOP Server OPC UA Server Interface Vulnerability", "trust": 0.8, "url": "https://support.softwaretoolbox.com/app/answers/detail/a_id/3924" }, { "title": "PTC Kepware KEPServerEX Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137540" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-121", "trust": 0.8 }, { "problemtype": "CWE-122", "trust": 0.8 }, { "problemtype": "CWE-416", "trust": 0.8 }, { "problemtype": "CWE-276", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370749" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13535" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27263" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27265" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27267" }, { "trust": 0.8, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98489812" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4481/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27263" } ], "sources": [ { "db": "VULHUB", "id": "VHN-370749" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" }, { "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-370749" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27263" }, { "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-14T00:00:00", "db": "VULHUB", "id": "VHN-370749" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-14T00:15:13.353000", "db": "NVD", "id": "CVE-2020-27263" }, { "date": "2020-12-17T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-21T00:00:00", "db": "VULHUB", "id": "VHN-370749" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-21T16:10:30.217000", "db": "NVD", "id": "CVE-2020-27263" }, { "date": "2021-01-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1301" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1301" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural PTC Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1301" } ], "trust": 0.6 } }
var-202101-0382
Vulnerability from variot
KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 ‥ * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 ‥ * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform. A security vulnerability exists in PTC Kepware KEPServerEX that could allow a remote attacker to cause the application to crash
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0382", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.8" }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.9.572.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.68.804" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.504.0" }, { "model": "top server", "scope": "gte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.66" }, { "model": "top server", "scope": "lte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.9" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "industrial gateway server", "scope": "eq", "trust": 0.8, "vendor": "ge digital", "version": "version 7.68.804 \u304a\u3088\u3073 version 7.66" }, { "model": "kepserverex", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.0 \u304b\u3089 version 6.9" }, { "model": "kepware linkmaster", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 3.0.94.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.8 \u304a\u3088\u3073 version 6.9" }, { "model": "kepserver enterprise", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "top server", "scope": "eq", "trust": 0.8, "vendor": "toolbox", "version": "6\u7cfb\u306e\u3059\u3079\u3066" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.9", "versionStartIncluding": "6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-27267" } ] }, "cve": "CVE-2020-27267", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-370757", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.1, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.3, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 2.4, "value": "Critical" }, { "author": "NVD", "id": "CVE-2020-27267", "trust": 1.0, "value": "CRITICAL" }, { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202012-1299", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-370757", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-370757" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" }, { "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. \u2025 * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 \u2025 * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 \u2025 * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 \u2025 * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform. A security vulnerability exists in PTC Kepware KEPServerEX that could allow a remote attacker to cause the application to crash", "sources": [ { "db": "NVD", "id": "CVE-2020-27267" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "VULHUB", "id": "VHN-370757" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-27267", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-20-352-02", "trust": 2.5 }, { "db": "JVN", "id": "JVNVU98489812", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-20-352-03", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-010092", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202012-1299", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.4481", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-370757", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370757" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" }, { "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "id": "VAR-202101-0382", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-370757" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:07:19.736000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Customer Center", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/cc_login?starturl=%2fen_us%2fdownload%2figs-industrial-gateway-server-v7-xx" }, { "title": "GE Digital Product Security Advisory", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/servlet/filefield?returl=%2fcommunities%2fapex%2fknowledgedetail%3fid%3dka20h0000000dpqcaa%26lang%3den_us%26type%3darticle__kav\u0026entityid=ka20h00000013uhaaq\u0026field=file_1__body__s" }, { "title": "My Kepware Customer Self-Service Portal", "trust": 0.8, "url": "https://my.kepware.com/s/login/?ec=302\u0026starturl=%2fs%2f" }, { "title": "PTC eSupport", "trust": 0.8, "url": "https://support.ptc.com/appserver/common/login/ssl/login.jsp?dest=%2fappserver%2fcs%2fportal%2f\u0026msg=1" }, { "title": "Kepserver Enterprise", "trust": 0.8, "url": "https://rockwellautomation.custhelp.com/app/products/detail/categoryrecordid/rn_product_611/p/611/~/kepserver-enterprise" }, { "title": "CISA Advisory ICSA-20-352-02 - TOP Server OPC UA Server Interface Vulnerability", "trust": 0.8, "url": "https://support.softwaretoolbox.com/app/answers/detail/a_id/3924" }, { "title": "Kepware KEPServerEX Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137769" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-121", "trust": 0.8 }, { "problemtype": "CWE-122", "trust": 0.8 }, { "problemtype": "CWE-416", "trust": 0.8 }, { "problemtype": "CWE-276", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370757" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13535" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27263" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27265" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27267" }, { "trust": 0.8, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98489812" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4481/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27267" } ], "sources": [ { "db": "VULHUB", "id": "VHN-370757" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" }, { "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-370757" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27267" }, { "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-14T00:00:00", "db": "VULHUB", "id": "VHN-370757" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-14T00:15:13.510000", "db": "NVD", "id": "CVE-2020-27267" }, { "date": "2020-12-17T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-21T00:00:00", "db": "VULHUB", "id": "VHN-370757" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-21T16:16:31.057000", "db": "NVD", "id": "CVE-2020-27267" }, { "date": "2021-01-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1299" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1299" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural PTC Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1299" } ], "trust": 0.6 } }
var-202101-0380
Vulnerability from variot
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code. PTC The following vulnerabilities exist in multiple products provided by the company. ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 ‥ * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 ‥ * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0380", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.9" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.8" }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.9.572.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.68.804" }, { "model": "kepware kepserverex", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "6.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "kepserver enterprise", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.504.0" }, { "model": "top server", "scope": "gte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.0" }, { "model": "industrial gateway server", "scope": "eq", "trust": 1.0, "vendor": "ge", "version": "7.66" }, { "model": "top server", "scope": "lte", "trust": 1.0, "vendor": "softwaretoolbox", "version": "6.9" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": null }, { "model": "industrial gateway server", "scope": "eq", "trust": 0.8, "vendor": "ge digital", "version": "version 7.68.804 \u304a\u3088\u3073 version 7.66" }, { "model": "kepserverex", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.0 \u304b\u3089 version 6.9" }, { "model": "kepware linkmaster", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 3.0.94.0" }, { "model": "opc-aggregator", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "\u3059\u3079\u3066" }, { "model": "thingworx kepware server", "scope": "eq", "trust": 0.8, "vendor": "ptc", "version": "version 6.8 \u304a\u3088\u3073 version 6.9" }, { "model": "kepserver enterprise", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "top server", "scope": "eq", "trust": 0.8, "vendor": "toolbox", "version": "6\u7cfb\u306e\u3059\u3079\u3066" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.9", "versionStartIncluding": "6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-27265" } ] }, "cve": "CVE-2020-27265", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-370753", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.1, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA score", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "IPA score", "availabilityImpact": "High", "baseScore": 9.3, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-010092", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 2.4, "value": "Critical" }, { "author": "NVD", "id": "CVE-2020-27265", "trust": 1.0, "value": "CRITICAL" }, { "author": "IPA", "id": "JVNDB-2020-010092", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202012-1305", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-370753", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-370753" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" }, { "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code. PTC The following vulnerabilities exist in multiple products provided by the company. \u2025 * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 \u2025 * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 \u2025 * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 \u2025 * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform", "sources": [ { "db": "NVD", "id": "CVE-2020-27265" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "VULHUB", "id": "VHN-370753" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ICS CERT", "id": "ICSA-20-352-02", "trust": 2.5 }, { "db": "NVD", "id": "CVE-2020-27265", "trust": 2.5 }, { "db": "JVN", "id": "JVNVU98489812", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-20-352-03", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-010092", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202012-1305", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.4481", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-370753", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370753" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" }, { "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "id": "VAR-202101-0380", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-370753" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:07:19.712000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Customer Center", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/cc_login?starturl=%2fen_us%2fdownload%2figs-industrial-gateway-server-v7-xx" }, { "title": "GE Digital Product Security Advisory", "trust": 0.8, "url": "https://digitalsupport.ge.com/communities/servlet/filefield?returl=%2fcommunities%2fapex%2fknowledgedetail%3fid%3dka20h0000000dpqcaa%26lang%3den_us%26type%3darticle__kav\u0026entityid=ka20h00000013uhaaq\u0026field=file_1__body__s" }, { "title": "My Kepware Customer Self-Service Portal", "trust": 0.8, "url": "https://my.kepware.com/s/login/?ec=302\u0026starturl=%2fs%2f" }, { "title": "PTC eSupport", "trust": 0.8, "url": "https://support.ptc.com/appserver/common/login/ssl/login.jsp?dest=%2fappserver%2fcs%2fportal%2f\u0026msg=1" }, { "title": "Kepserver Enterprise", "trust": 0.8, "url": "https://rockwellautomation.custhelp.com/app/products/detail/categoryrecordid/rn_product_611/p/611/~/kepserver-enterprise" }, { "title": "CISA Advisory ICSA-20-352-02 - TOP Server OPC UA Server Interface Vulnerability", "trust": 0.8, "url": "https://support.softwaretoolbox.com/app/answers/detail/a_id/3924" }, { "title": "Multiple Kepware Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137773" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-121", "trust": 0.8 }, { "problemtype": "CWE-122", "trust": 0.8 }, { "problemtype": "CWE-416", "trust": 0.8 }, { "problemtype": "CWE-276", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-370753" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13535" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27263" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27265" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27267" }, { "trust": 0.8, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98489812" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.4481/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27265" } ], "sources": [ { "db": "VULHUB", "id": "VHN-370753" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" }, { "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-370753" }, { "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "db": "NVD", "id": "CVE-2020-27265" }, { "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-14T00:00:00", "db": "VULHUB", "id": "VHN-370753" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-14T00:15:13.417000", "db": "NVD", "id": "CVE-2020-27265" }, { "date": "2020-12-17T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-21T00:00:00", "db": "VULHUB", "id": "VHN-370753" }, { "date": "2020-12-21T09:01:13", "db": "JVNDB", "id": "JVNDB-2020-010092" }, { "date": "2021-01-21T16:20:52.077000", "db": "NVD", "id": "CVE-2020-27265" }, { "date": "2021-01-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202012-1305" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1305" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural PTC Product vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-010092" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202012-1305" } ], "trust": 0.6 } }
var-202302-1840
Vulnerability from variot
The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. General Electric Company of digital industrial gateway server Products from other vendors contain integer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PTC ThingWorx Edge is a complete end-to-end technology platform designed for the Industrial Internet of Things (IIoT) by PTC Corporation of the United States. ThingWorx Edge C-SDK version 2.2.12.1052 and earlier versions have an input validation error vulnerability, which is caused by integer overflow
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1840", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kepserver enterprise", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.12" }, { "model": "thingworx edge microserver", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "5.4.10.0" }, { "model": "thingworx industrial connectivity", "scope": "eq", "trust": 1.0, "vendor": "ptc", "version": "*" }, { "model": "kepware server", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "6.12" }, { "model": "thingworx edge c-sdk", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "2.2.12.1052" }, { "model": "thingworx kepware edge", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "1.5" }, { "model": "kepware serverex", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "6.12" }, { "model": "thingworx .net-sdk", "scope": "lte", "trust": 1.0, "vendor": "ptc", "version": "5.8.4.971" }, { "model": "digital industrial gateway server", "scope": "lte", "trust": 1.0, "vendor": "ge", "version": "7.612" }, { "model": "thingworx edge microserver", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "thingworx kepware edge", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "digital industrial gateway server", "scope": null, "trust": 0.8, "vendor": "general electric", "version": null }, { "model": "thingworx .net-sdk", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepware serverex", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepserver enterprise", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "thingworx edge c-sdk", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "thingworx industrial connectivity", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null }, { "model": "kepware server", "scope": null, "trust": 0.8, "vendor": "ptc", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_edge:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_.net-sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.8.4.971", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_edge_c-sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.2.12.1052", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_edge_microserver:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.4.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_serverex:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ge:digital_industrial_gateway_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.612", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:kepware_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-0754" } ] }, "cve": "CVE-2023-0754", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-0754", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2023-0754", "trust": 1.8, "value": "CRITICAL" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2023-0754", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202302-1949", "trust": 0.6, "value": "CRITICAL" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "\nThe affected products are vulnerable to an integer\noverflow or wraparound, which could \u00a0allow an attacker to crash the server and remotely\nexecute arbitrary code. General Electric Company of digital industrial gateway server Products from other vendors contain integer overflow vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PTC ThingWorx Edge is a complete end-to-end technology platform designed for the Industrial Internet of Things (IIoT) by PTC Corporation of the United States. \nThingWorx Edge C-SDK version 2.2.12.1052 and earlier versions have an input validation error vulnerability, which is caused by integer overflow", "sources": [ { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "CNNVD", "id": "CNNVD-202302-1949" }, { "db": "VULHUB", "id": "VHN-454620" }, { "db": "VULMON", "id": "CVE-2023-0754" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-0754", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-23-054-01", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU92776796", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-004519", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2023.1203", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202302-1949", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-454620", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2023-0754", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-454620" }, { "db": "VULMON", "id": "CVE-2023-0754" }, { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "id": "VAR-202302-1840", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-454620" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:54:30.303000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "PTC ThingWorx Edge Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234213" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-190", "trust": 1.1 }, { "problemtype": "Integer overflow or wraparound (CWE-190) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-454620" }, { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92776796/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0754" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-0754/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1203" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/190.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-454620" }, { "db": "VULMON", "id": "CVE-2023-0754" }, { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-454620" }, { "db": "VULMON", "id": "CVE-2023-0754" }, { "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "db": "NVD", "id": "CVE-2023-0754" }, { "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-23T00:00:00", "db": "VULHUB", "id": "VHN-454620" }, { "date": "2023-02-23T00:00:00", "db": "VULMON", "id": "CVE-2023-0754" }, { "date": "2023-10-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "date": "2023-02-23T22:15:11.333000", "db": "NVD", "id": "CVE-2023-0754" }, { "date": "2023-02-23T00:00:00", "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-03-03T00:00:00", "db": "VULHUB", "id": "VHN-454620" }, { "date": "2023-02-23T00:00:00", "db": "VULMON", "id": "CVE-2023-0754" }, { "date": "2023-10-31T02:04:00", "db": "JVNDB", "id": "JVNDB-2023-004519" }, { "date": "2023-11-07T04:01:23.633000", "db": "NVD", "id": "CVE-2023-0754" }, { "date": "2023-04-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202302-1949" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1949" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "General\u00a0Electric\u00a0Company\u00a0 of \u00a0digital\u00a0industrial\u00a0gateway\u00a0server\u00a0 Integer overflow vulnerability in products from other vendors", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-004519" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202302-1949" } ], "trust": 0.6 } }