CVE-2022-25251 (GCVE-0-2022-25251)

Vulnerability from cvelistv5 – Published: 2022-03-16 14:03 – Updated: 2025-04-16 16:42
VLAI?
Summary
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product’s configuration.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
PTC Axeda agent Affected: All Versions
Create a notification for this product.
Credits
Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:36:06.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ptc.com/en/support/article/CS363561"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25251",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:57:53.119800Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:42:06.086Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Axeda agent",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "product": "Axeda Desktop Server for Windows",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC"
        }
      ],
      "datePublic": "2022-03-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\u2019s configuration."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-16T14:03:36.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "PTC recommends the following:\n\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\nProvide a unique password in the AxedaDesktop.ini file for each unit.\nNever use ERemoteServer in production.\nMake sure to delete ERemoteServer file from host device.\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\n\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required."
        }
      ],
      "source": {
        "advisory": "ICSA-22-067-01",
        "discovery": "UNKNOWN"
      },
      "title": "PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-03-08T17:50:00.000Z",
          "ID": "CVE-2022-25251",
          "STATE": "PUBLIC",
          "TITLE": "PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Axeda agent",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Axeda Desktop Server for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PTC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\u2019s configuration."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306 Missing Authentication for Critical Function"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
            },
            {
              "name": "https://www.ptc.com/en/support/article/CS363561",
              "refsource": "MISC",
              "url": "https://www.ptc.com/en/support/article/CS363561"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "PTC recommends the following:\n\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\nProvide a unique password in the AxedaDesktop.ini file for each unit.\nNever use ERemoteServer in production.\nMake sure to delete ERemoteServer file from host device.\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\n\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required."
          }
        ],
        "source": {
          "advisory": "ICSA-22-067-01",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-25251",
    "datePublished": "2022-03-16T14:03:36.591Z",
    "dateReserved": "2022-02-16T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:42:06.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.9.1\", \"matchCriteriaId\": \"A016E65E-5D4E-41FF-8C6A-F14EBAA7D08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*\", \"versionEndExcluding\": \"6.9.215\", \"matchCriteriaId\": \"9FFDC4DB-DDD1-48DE-9E3D-55D02BEE6EBC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\\u2019s configuration.\"}, {\"lang\": \"es\", \"value\": \"Cuando es conectado a un determinado puerto Axeda agent (Todas las versiones) y Axeda Desktop Server para Windows (Todas las versiones) pueden permitir a un atacante enviar determinados mensajes XML a un puerto espec\\u00edfico sin la debida autenticaci\\u00f3n. Una explotaci\\u00f3n con \\u00e9xito de esta vulnerabilidad podr\\u00eda permitir a un atacante remoto no autenticado leer y modificar la configuraci\\u00f3n del producto afectado\"}]",
      "id": "CVE-2022-25251",
      "lastModified": "2024-11-21T06:51:52.963",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-03-16T15:15:16.647",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-25251\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-03-16T15:15:16.647\",\"lastModified\":\"2024-11-21T06:51:52.963\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\u2019s configuration.\"},{\"lang\":\"es\",\"value\":\"Cuando es conectado a un determinado puerto Axeda agent (Todas las versiones) y Axeda Desktop Server para Windows (Todas las versiones) pueden permitir a un atacante enviar determinados mensajes XML a un puerto espec\u00edfico sin la debida autenticaci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir a un atacante remoto no autenticado leer y modificar la configuraci\u00f3n del producto afectado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.9.1\",\"matchCriteriaId\":\"A016E65E-5D4E-41FF-8C6A-F14EBAA7D08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*\",\"versionEndExcluding\":\"6.9.215\",\"matchCriteriaId\":\"9FFDC4DB-DDD1-48DE-9E3D-55D02BEE6EBC\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.ptc.com/en/support/article/CS363561\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.ptc.com/en/support/article/CS363561\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:36:06.557Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-25251\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T15:57:53.119800Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T15:57:54.690Z\"}}], \"cna\": {\"title\": \"PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function\", \"source\": {\"advisory\": \"ICSA-22-067-01\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"PTC\", \"product\": \"Axeda agent\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}, {\"vendor\": \"PTC\", \"product\": \"Axeda Desktop Server for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"PTC recommends the following:\\n\\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\\nProvide a unique password in the AxedaDesktop.ini file for each unit.\\nNever use ERemoteServer in production.\\nMake sure to delete ERemoteServer file from host device.\\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\\n\\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.\"}], \"datePublic\": \"2022-03-08T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"tags\": [\"x_refsource_MISC\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\\u2019s configuration.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-03-16T14:03:36.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"ICSA-22-067-01\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"Axeda agent\"}, {\"version\": {\"version_data\": [{\"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"Axeda Desktop Server for Windows\"}]}, \"vendor_name\": \"PTC\"}]}}, \"solution\": [{\"lang\": \"en\", \"value\": \"PTC recommends the following:\\n\\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\\nProvide a unique password in the AxedaDesktop.ini file for each unit.\\nNever use ERemoteServer in production.\\nMake sure to delete ERemoteServer file from host device.\\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\\n\\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"name\": \"https://www.ptc.com/en/support/article/CS363561\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product\\u2019s configuration.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-306 Missing Authentication for Critical Function\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-25251\", \"STATE\": \"PUBLIC\", \"TITLE\": \"PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\", \"DATE_PUBLIC\": \"2022-03-08T17:50:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-25251\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T16:42:06.086Z\", \"dateReserved\": \"2022-02-16T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-03-16T14:03:36.591Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.