cvelistv5 - cve-2022-25246

CVE-2022-25246 (GCVE-0-2022-25246)

Vulnerability from cvelistv5 – Published: 2022-03-16 14:03 – Updated: 2025-04-16 16:42

Summary

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-798 - Use of Hard-coded Credentials

Assigner

icscert

References

URL

Tags

	https://www.cisa.gov/uscert/ics/advisories/icsa-2…	x_refsource_MISC
	https://www.ptc.com/en/support/article/CS363561	x_refsource_MISC

Impacted products

Vendor

Product

Version

PTC

Axeda agent

Affected: All Versions

PTC

Axeda Desktop Server for Windows

Affected: All Versions

Credits

Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:36:06.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ptc.com/en/support/article/CS363561"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25246",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:57:56.512000Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:42:53.542Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Axeda agent",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "product": "Axeda Desktop Server for Windows",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC"
        }
      ],
      "datePublic": "2022-03-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-16T14:03:31.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "PTC recommends the following:\n\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\nProvide a unique password in the AxedaDesktop.ini file for each unit.\nNever use ERemoteServer in production.\nMake sure to delete ERemoteServer file from host device.\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\n\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required."
        }
      ],
      "source": {
        "advisory": "ICSA-22-067-01",
        "discovery": "UNKNOWN"
      },
      "title": "PTC Axeda agent and Axeda Desktop Server Use of Hard-Coded Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-03-08T17:50:00.000Z",
          "ID": "CVE-2022-25246",
          "STATE": "PUBLIC",
          "TITLE": "PTC Axeda agent and Axeda Desktop Server Use of Hard-Coded Credentials"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Axeda agent",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Axeda Desktop Server for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PTC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
            },
            {
              "name": "https://www.ptc.com/en/support/article/CS363561",
              "refsource": "MISC",
              "url": "https://www.ptc.com/en/support/article/CS363561"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "PTC recommends the following:\n\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\nProvide a unique password in the AxedaDesktop.ini file for each unit.\nNever use ERemoteServer in production.\nMake sure to delete ERemoteServer file from host device.\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\n\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required."
          }
        ],
        "source": {
          "advisory": "ICSA-22-067-01",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-25246",
    "datePublished": "2022-03-16T14:03:31.142Z",
    "dateReserved": "2022-02-16T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:42:53.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.9.1\", \"matchCriteriaId\": \"A016E65E-5D4E-41FF-8C6A-F14EBAA7D08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*\", \"versionEndExcluding\": \"6.9.215\", \"matchCriteriaId\": \"9FFDC4DB-DDD1-48DE-9E3D-55D02BEE6EBC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.\"}, {\"lang\": \"es\", \"value\": \"Axeda agent (Todas las versiones) y Axeda Desktop Server para Windows (Todas las versiones) usa credenciales embebidas para su instalaci\\u00f3n de UltraVNC. Una explotaci\\u00f3n con \\u00e9xito de esta vulnerabilidad podr\\u00eda permitir a un atacante remoto autenticado tomar el control remoto completo del sistema operativo del host\"}]",
      "id": "CVE-2022-25246",
      "lastModified": "2024-11-21T06:51:52.383",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-03-16T15:15:16.343",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-25246\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-03-16T15:15:16.343\",\"lastModified\":\"2024-11-21T06:51:52.383\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.\"},{\"lang\":\"es\",\"value\":\"Axeda agent (Todas las versiones) y Axeda Desktop Server para Windows (Todas las versiones) usa credenciales embebidas para su instalaci\u00f3n de UltraVNC. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir a un atacante remoto autenticado tomar el control remoto completo del sistema operativo del host\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.9.1\",\"matchCriteriaId\":\"A016E65E-5D4E-41FF-8C6A-F14EBAA7D08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*\",\"versionEndExcluding\":\"6.9.215\",\"matchCriteriaId\":\"9FFDC4DB-DDD1-48DE-9E3D-55D02BEE6EBC\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.ptc.com/en/support/article/CS363561\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.ptc.com/en/support/article/CS363561\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:36:06.691Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-25246\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T15:57:56.512000Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T15:57:58.158Z\"}}], \"cna\": {\"title\": \"PTC Axeda agent and Axeda Desktop Server Use of Hard-Coded Credentials\", \"source\": {\"advisory\": \"ICSA-22-067-01\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"PTC\", \"product\": \"Axeda agent\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}, {\"vendor\": \"PTC\", \"product\": \"Axeda Desktop Server for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"PTC recommends the following:\\n\\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\\nProvide a unique password in the AxedaDesktop.ini file for each unit.\\nNever use ERemoteServer in production.\\nMake sure to delete ERemoteServer file from host device.\\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\\n\\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.\"}], \"datePublic\": \"2022-03-08T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"tags\": [\"x_refsource_MISC\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Use of Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-03-16T14:03:31.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"ICSA-22-067-01\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"Axeda agent\"}, {\"version\": {\"version_data\": [{\"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"Axeda Desktop Server for Windows\"}]}, \"vendor_name\": \"PTC\"}]}}, \"solution\": [{\"lang\": \"en\", \"value\": \"PTC recommends the following:\\n\\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\\nProvide a unique password in the AxedaDesktop.ini file for each unit.\\nNever use ERemoteServer in production.\\nMake sure to delete ERemoteServer file from host device.\\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\\n\\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.ptc.com/en/support/article/CS363561\", \"name\": \"https://www.ptc.com/en/support/article/CS363561\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-798 Use of Hard-coded Credentials\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-25246\", \"STATE\": \"PUBLIC\", \"TITLE\": \"PTC Axeda agent and Axeda Desktop Server Use of Hard-Coded Credentials\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\", \"DATE_PUBLIC\": \"2022-03-08T17:50:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-25246\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T16:42:53.542Z\", \"dateReserved\": \"2022-02-16T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-03-16T14:03:31.142Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2022-25246

Vulnerability from fkie_nvd - Published: 2022-03-16 15:15 - Updated: 2024-11-21 06:51

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01	Mitigation, Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://www.ptc.com/en/support/article/CS363561	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01	Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.ptc.com/en/support/article/CS363561	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ptc	axeda_agent	*
	ptc	axeda_desktop_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A016E65E-5D4E-41FF-8C6A-F14EBAA7D08E",
              "versionEndExcluding": "6.9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "9FFDC4DB-DDD1-48DE-9E3D-55D02BEE6EBC",
              "versionEndExcluding": "6.9.215",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system."
    },
    {
      "lang": "es",
      "value": "Axeda agent (Todas las versiones) y Axeda Desktop Server para Windows (Todas las versiones) usa credenciales embebidas para su instalaci\u00f3n de UltraVNC. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir a un atacante remoto autenticado tomar el control remoto completo del sistema operativo del host"
    }
  ],
  "id": "CVE-2022-25246",
  "lastModified": "2024-11-21T06:51:52.383",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-03-16T15:15:16.343",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ptc.com/en/support/article/CS363561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ptc.com/en/support/article/CS363561"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-R24P-MXFV-R3VM

Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-29 00:01

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-25246"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-16T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.",
  "id": "GHSA-r24p-mxfv-r3vm",
  "modified": "2022-03-29T00:01:39Z",
  "published": "2022-03-17T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25246"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
    },
    {
      "type": "WEB",
      "url": "https://www.ptc.com/en/support/article/CS363561"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-25246

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-25246

Aliases

CVE-2022-25246

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-25246",
    "description": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.",
    "id": "GSD-2022-25246"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-25246"
      ],
      "details": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.",
      "id": "GSD-2022-25246",
      "modified": "2023-12-13T01:19:27.054220Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2022-03-08T17:50:00.000Z",
        "ID": "CVE-2022-25246",
        "STATE": "PUBLIC",
        "TITLE": "PTC Axeda agent and Axeda Desktop Server Use of Hard-Coded Credentials "
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Axeda agent",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All Versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Axeda Desktop Server for Windows",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All Versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "PTC"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Yuval Shoshani and Elad Luz of CyberMDX and Vedere Labs reported these vulnerabilities to PTC"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-798 Use of Hard-coded Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01",
            "refsource": "MISC",
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
          },
          {
            "name": "https://www.ptc.com/en/support/article/CS363561",
            "refsource": "MISC",
            "url": "https://www.ptc.com/en/support/article/CS363561"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "PTC recommends the following:\n\nUpgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.\nConfigure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255\nProvide a unique password in the AxedaDesktop.ini file for each unit.\nNever use ERemoteServer in production.\nMake sure to delete ERemoteServer file from host device.\nRemove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi\nWhen running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.\nWhen running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255\nConfigure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255\nPTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215\n\nThe Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required."
        }
      ],
      "source": {
        "advisory": "ICSA-22-067-01",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ptc:axeda_agent:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.9.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ptc:axeda_desktop_server:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.9.215",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2022-25246"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-798"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ptc.com/en/support/article/CS363561",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.ptc.com/en/support/article/CS363561"
            },
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01",
              "refsource": "MISC",
              "tags": [
                "Mitigation",
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-03-28T13:25Z",
      "publishedDate": "2022-03-16T15:15Z"
    }
  }
}

ICSA-22-067-01

Vulnerability from csaf_cisa - Published: 2022-03-08 00:00 - Updated: 2022-03-31 00:00

Summary

PTC Axeda agent and Axeda Desktop Server (Update C)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could result in full system access, remote code execution, read/change configuration, file system read access, log information access, and a denial-of-service condition.

Critical infrastructure sectors

Multiple

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Yuval Shoshani",
          "Elad Luz"
        ],
        "organization": "CyberMDX",
        "summary": "reporting these vulnerabilities to PTC"
      },
      {
        "organization": "Vedere Labs",
        "summary": "reporting these vulnerabilities to PTC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could result in full system access, remote code execution, read/change configuration, file system read access, log information access, and a denial-of-service condition.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-067-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-067-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-067-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-067-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "PTC Axeda agent and Axeda Desktop Server (Update C)",
    "tracking": {
      "current_release_date": "2022-03-31T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-067-01",
      "initial_release_date": "2022-03-08T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-03-08T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server"
        },
        {
          "date": "2022-03-10T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update A)"
        },
        {
          "date": "2022-03-15T00:00:00.000000Z",
          "legacy_version": "B",
          "number": "3",
          "summary": "ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update B)"
        },
        {
          "date": "2022-03-31T00:00:00.000000Z",
          "legacy_version": "C",
          "number": "4",
          "summary": "ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update C)"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Axeda agent: All versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Axeda agent"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "Axeda Desktop Server for Windows: All versions",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Axeda Desktop Server for Windows"
          }
        ],
        "category": "vendor",
        "name": "PTC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-25246",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product uses hard-coded credentials for its UltraVNC installation. Successful exploitation of this vulnerability could allow a remote authenticated attacker to take full remote control of the host operating system.CVE-2022-25246 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25246"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25247",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product may allow an attacker to send certain commands to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to obtain full file-system access and remote code execution.CVE-2022-25247 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25247"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25248",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When connecting to a certain port the affected product supplies the event log of the specific service.CVE-2022-25248 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25248"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25249",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server.CVE-2022-25249 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25249"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25250",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to shut down a specific service.CVE-2022-25250 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25250"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25251",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to read and modify the affected product \u0027s configuration.CVE-2022-25251 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25251"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2022-25252",
      "cwe": {
        "id": "CWE-703",
        "name": "Improper Check or Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product when receiving certain input throws an exception. Services using said function do not handle the exception. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to crash the affected product.CVE-2022-25252 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25252"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Provide a unique password in the AxedaDesktop.ini file for each unit.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never use ERemoteServer in production.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure to delete ERemoteServer file from host device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS360255"
        },
        {
          "category": "mitigation",
          "details": "PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9/Axeda_Desktop_Server_Viewer_Release_Notes_v69_174653?\u0026art_lang=en\u0026posno=1\u0026q=Desktop%20Server\u0026DocumentType=Reference%20Document\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/refdoc/Axeda_Connectivity/6.9.3/Axeda_Gateway_Agent_Release_Notes_v6_9_3?\u0026art_lang=en\u0026posno=10\u0026q=Axeda%20Gateway%20Agent%20Release%20Notes\u0026source=search"
        },
        {
          "category": "mitigation",
          "details": "For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.ptc.com/en/support/article/CS363561"
        },
        {
          "category": "mitigation",
          "details": "Accuray",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.accuray.com/services/customer-resources/"
        },
        {
          "category": "mitigation",
          "details": "Agilent",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.agilent.com/resources/b/support-announcements/posts/remote-advisor-security-notification"
        },
        {
          "category": "mitigation",
          "details": "BD",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-axeda-software-products"
        },
        {
          "category": "mitigation",
          "details": "Bayer",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.radiologysolutions.bayer.com/information-technology-advisory"
        },
        {
          "category": "mitigation",
          "details": "Beckman Coulter",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
        },
        {
          "category": "mitigation",
          "details": "Elekta (Login Required)",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://community.elekta.com/"
        },
        {
          "category": "mitigation",
          "details": "General Electric",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.gehealthcare.com/security"
        },
        {
          "category": "mitigation",
          "details": "Hologic",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity"
        },
        {
          "category": "mitigation",
          "details": "Roche Diagnostics",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        },
        {
          "category": "mitigation",
          "details": "Smiths Medical",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.smiths-medical.com/en-us/company-information/smiths-medical-cyber-security-updates"
        },
        {
          "category": "mitigation",
          "details": "Varian",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.varian.com/resources-support/cybersecurity-varian"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-25246 (GCVE-0-2022-25246)

FKIE_CVE-2022-25246

GHSA-R24P-MXFV-R3VM

GSD-2022-25246

ICSA-22-067-01

Tags

Sightings

Nomenclature