cvelistv5 - CVE-2020-27263

CVE-2020-27263 (GCVE-0-2020-27263)

Vulnerability from cvelistv5 – Published: 2021-01-13 23:30 – Updated: 2024-08-04 16:11

Summary

Severity ?

No CVSS data available.

CWE

CWE-122 - HEAP-BASED BUFFER OVERFLOW CWE-122

Assigner

icscert

References

URL

VAR-202101-0378

Vulnerability from variot - Updated: 2023-12-18 13:07

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 ‥ * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 ‥ * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0378",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "thingworx kepware server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": "6.9"
      },
      {
        "model": "kepware kepserverex",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": "6.9"
      },
      {
        "model": "thingworx kepware server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": "6.8"
      },
      {
        "model": "kepserver enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "6.9.572.0"
      },
      {
        "model": "industrial gateway server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ge",
        "version": "7.68.804"
      },
      {
        "model": "kepware kepserverex",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": "6.0"
      },
      {
        "model": "opc-aggregator",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": null
      },
      {
        "model": "kepserver enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "6.6.504.0"
      },
      {
        "model": "top server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "softwaretoolbox",
        "version": "6.0"
      },
      {
        "model": "industrial gateway server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ge",
        "version": "7.66"
      },
      {
        "model": "top server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "softwaretoolbox",
        "version": "6.9"
      },
      {
        "model": "thingworx industrial connectivity",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ptc",
        "version": null
      },
      {
        "model": "industrial gateway server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ge digital",
        "version": "version 7.68.804 \u304a\u3088\u3073 version 7.66"
      },
      {
        "model": "kepserverex",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ptc",
        "version": "version 6.0 \u304b\u3089 version 6.9"
      },
      {
        "model": "kepware linkmaster",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ptc",
        "version": "version 3.0.94.0"
      },
      {
        "model": "opc-aggregator",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ptc",
        "version": "\u3059\u3079\u3066"
      },
      {
        "model": "thingworx industrial connectivity",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ptc",
        "version": "\u3059\u3079\u3066"
      },
      {
        "model": "thingworx kepware server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ptc",
        "version": "version 6.8 \u304a\u3088\u3073 version 6.9"
      },
      {
        "model": "kepserver enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": null
      },
      {
        "model": "top server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "toolbox",
        "version": "6\u7cfb\u306e\u3059\u3079\u3066"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.9",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      }
    ]
  },
  "cve": "CVE-2020-27263",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-370749",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA score",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-010092",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA score",
            "availabilityImpact": "High",
            "baseScore": 9.1,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-010092",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA score",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-010092",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "IPA score",
            "availabilityImpact": "High",
            "baseScore": 9.3,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-010092",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "IPA",
            "id": "JVNDB-2020-010092",
            "trust": 2.4,
            "value": "Critical"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-27263",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2020-010092",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202012-1301",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-370749",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data. PTC The following vulnerabilities exist in multiple products provided by the company. \u2025 * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 \u2025 * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 \u2025 * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 \u2025 * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "ICS CERT",
        "id": "ICSA-20-352-02",
        "trust": 2.5
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263",
        "trust": 2.5
      },
      {
        "db": "JVN",
        "id": "JVNVU98489812",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-352-03",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4481",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-370749",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "id": "VAR-202101-0378",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:07:19.688000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Customer Center",
        "trust": 0.8,
        "url": "https://digitalsupport.ge.com/communities/cc_login?starturl=%2fen_us%2fdownload%2figs-industrial-gateway-server-v7-xx"
      },
      {
        "title": "GE Digital Product Security Advisory",
        "trust": 0.8,
        "url": "https://digitalsupport.ge.com/communities/servlet/filefield?returl=%2fcommunities%2fapex%2fknowledgedetail%3fid%3dka20h0000000dpqcaa%26lang%3den_us%26type%3darticle__kav\u0026entityid=ka20h00000013uhaaq\u0026field=file_1__body__s"
      },
      {
        "title": "My Kepware Customer Self-Service Portal",
        "trust": 0.8,
        "url": "https://my.kepware.com/s/login/?ec=302\u0026starturl=%2fs%2f"
      },
      {
        "title": "PTC eSupport",
        "trust": 0.8,
        "url": "https://support.ptc.com/appserver/common/login/ssl/login.jsp?dest=%2fappserver%2fcs%2fportal%2f\u0026msg=1"
      },
      {
        "title": "Kepserver Enterprise",
        "trust": 0.8,
        "url": "https://rockwellautomation.custhelp.com/app/products/detail/categoryrecordid/rn_product_611/p/611/~/kepserver-enterprise"
      },
      {
        "title": "CISA Advisory ICSA-20-352-02 - TOP Server OPC UA Server Interface Vulnerability",
        "trust": 0.8,
        "url": "https://support.softwaretoolbox.com/app/answers/detail/a_id/3924"
      },
      {
        "title": "PTC Kepware KEPServerEX Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137540"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-121",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-122",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-416",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-276",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13535"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27263"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27265"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27267"
      },
      {
        "trust": 0.8,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-03"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98489812"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4481/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27263"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-01-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "date": "2020-12-21T09:01:13",
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "date": "2021-01-14T00:15:13.353000",
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "date": "2020-12-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-01-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-370749"
      },
      {
        "date": "2020-12-21T09:01:13",
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      },
      {
        "date": "2021-01-21T16:10:30.217000",
        "db": "NVD",
        "id": "CVE-2020-27263"
      },
      {
        "date": "2021-01-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  PTC Product vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-010092"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202012-1301"
      }
    ],
    "trust": 0.6
  }
}

GSD-2020-27263

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-27263

Aliases

CVE-2020-27263

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-27263",
    "description": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.",
    "id": "GSD-2020-27263"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-27263"
      ],
      "details": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.",
      "id": "GSD-2020-27263",
      "modified": "2023-12-13T01:22:10.935483Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2020-27263",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PTC Kepware KEPServerEX",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "v6.0 to v6.9"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ThingWorx Kepware Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "v6.8 and v6.9"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ThingWorx Industrial Connectivity",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "OPC-Aggregator",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Rockwell Automation KEPServer Enterprise",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "GE Digital Industrial Gateway Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "v7.68.804"
                        },
                        {
                          "version_value": "v7.66"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Software Toolbox TOP Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All 6.x versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "HEAP-BASED BUFFER OVERFLOW CWE-122"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02",
            "refsource": "MISC",
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.9",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2020-27263"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2021-01-21T16:10Z",
      "publishedDate": "2021-01-14T00:15Z"
    }
  }
}

GHSA-66V8-HP22-2Q37

Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-27263"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-14T00:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.",
  "id": "GHSA-66v8-hp22-2q37",
  "modified": "2022-05-24T17:39:17Z",
  "published": "2022-05-24T17:39:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27263"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2020-27263

Vulnerability from fkie_nvd - Published: 2021-01-14 00:15 - Updated: 2024-11-21 05:20

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

References

	URL	Tags
	ics-cert@hq.dhs.gov	https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02	Third Party Advisory, US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
ge	industrial_gateway_server	7.66
ge	industrial_gateway_server	7.68.804
ptc	kepware_kepserverex	6.0
ptc	kepware_kepserverex	6.9
ptc	opc-aggregator	-
ptc	thingworx_industrial_connectivity	-
ptc	thingworx_kepware_server	6.8
ptc	thingworx_kepware_server	6.9
rockwellautomation	kepserver_enterprise	6.6.504.0
rockwellautomation	kepserver_enterprise	6.9.572.0
softwaretoolbox	top_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5AEAC75-5E69-4C49-8D57-35401400C9D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*",
              "matchCriteriaId": "906B1D62-7656-457E-B528-B0407C9D0BA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6994DBB6-BA65-4E47-B0E4-42310120FC04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC1720A3-85F1-4A85-B226-1CCBB34FCAAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F46490-09F7-488A-B1EB-2286BFA0F882",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01A814D-8F2B-4B88-A66B-F2A2C293A6AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE510A4-1D91-447E-BF61-6CDFDFF82796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F16FBD0-8841-4E42-8FE6-796F7B4E5C16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FFA2B21-E36C-41CE-B633-B831C6D42962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BACC2F09-9EC8-420A-B499-BF7CD737A473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95B527BB-A27F-4080-8BBB-3FCA2408B7AE",
              "versionEndIncluding": "6.9",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data."
    },
    {
      "lang": "es",
      "value": "KEPServerEX: versiones v6.0 hasta v6.9, ThingWorx Kepware Server: versiones v6.8 y v6.9, ThingWorx Industrial Connectivity: Todas las versiones, OPC-Aggregator: Todas las versiones, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: versiones v7.68.804 y v7.66, Software Toolbox TOP Server: Todas las versiones 6.x son vulnerables a un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria.\u0026#xa0;Abrir un mensaje OPC UA espec\u00edficamente dise\u00f1ado podr\u00eda permitir a un atacante bloquear el servidor y potencialmente filtrar datos"
    }
  ],
  "id": "CVE-2020-27263",
  "lastModified": "2024-11-21T05:20:57.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-14T00:15:13.353",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ICSA-20-352-02

Vulnerability from csaf_cisa - Published: 2020-12-17 00:00 - Updated: 2021-01-05 00:00

Summary

PTC Kepware KEPServerEX (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.

Critical infrastructure sectors

Critical Manufacturing

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Uri Katz"
        ],
        "organization": "Claroty",
        "summary": "reporting these vulnerabilities to PTC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-352-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-352-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-352-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-352-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "PTC Kepware KEPServerEX (Update A)",
    "tracking": {
      "current_release_date": "2021-01-05T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-20-352-02",
      "initial_release_date": "2020-12-17T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2020-12-17T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-20-352-02 PTC KEPServerEX"
        },
        {
          "date": "2021-01-05T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-20-352-02 PTC Kepware KEPServerEX (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6.8 | 6.9",
                "product": {
                  "name": "ThingWorx Kepware Server: v6.8 and v6.9",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "ThingWorx Kepware Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6.6.504.0 | 6.9.572.0",
                "product": {
                  "name": "Rockwell Automation KEPServer Enterprise: v6.6.504.0 and v6.9.572.0",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Rockwell Automation KEPServer Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.68.804 | 7.66",
                "product": {
                  "name": "GE Digital Industrial Gateway Server: v7.68.804 and v7.66",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "GE Digital Industrial Gateway Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 6.0 | \u003c= 6.9",
                "product": {
                  "name": "KEPServerEX: v6.0 to v6.9",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "KEPServerEX"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ThingWorx Industrial Connectivity: All versions",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "ThingWorx Industrial Connectivity"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6.x",
                "product": {
                  "name": "Software Toolbox TOP Server: All 6.x versions",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "Software Toolbox TOP Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "OPC-Aggregator: All versions",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "OPC-Aggregator"
          }
        ],
        "category": "vendor",
        "name": "PTC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-27265",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected products are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.CVE-2020-27265 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27265"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "vendor_fix",
          "details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
        },
        {
          "category": "mitigation",
          "details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
        },
        {
          "category": "mitigation",
          "details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox has released updates and recommends users update their installations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-27263",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected products are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.CVE-2020-27263 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27263"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "vendor_fix",
          "details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
        },
        {
          "category": "mitigation",
          "details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
        },
        {
          "category": "mitigation",
          "details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox has released updates and recommends users update their installations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-27267",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected products are vulnerable to a use after free vulnerability, which may allow an attacker to create and close OPC UA connections at a high rate that may cause a server to crash.CVE-2020-27267 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27267"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://my.kepware.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "vendor_fix",
          "details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://support.ptc.com/"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
        },
        {
          "category": "mitigation",
          "details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
        },
        {
          "category": "mitigation",
          "details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        },
        {
          "category": "mitigation",
          "details": "Software Toolbox has released updates and recommends users update their installations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ],
          "url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007"
          ]
        }
      ]
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-27263 (GCVE-0-2020-27263)

VAR-202101-0378

GSD-2020-27263

GHSA-66V8-HP22-2Q37

FKIE_CVE-2020-27263

ICSA-20-352-02

Tags

Sightings

Nomenclature