Vulnerability-Lookup

FKIE_CVE-2023-0755

Vulnerability from fkie_nvd - Published: 2023-02-23 22:15 - Updated: 2026-06-17 05:26

Severity

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

References

	URL	Tags
	ics-cert@hq.dhs.gov	https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01	Third Party Advisory, US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
ge	digital_industrial_gateway_server	*
ptc	kepware_server	*
ptc	kepware_serverex	*
ptc	thingworx_.net-sdk	*
ptc	thingworx_edge_c-sdk	*
ptc	thingworx_edge_microserver	*
ptc	thingworx_industrial_connectivity	-
ptc	thingworx_kepware_edge	*
rockwellautomation	kepserver_enterprise	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Edge C-SDK",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v2.2.12.1052 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": ".NET-SDK",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThanOrEqual": "v5.8.4.971 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Edge MicroServer (EMS)",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v5.4.10.0 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Kepware KEPServerEX",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v6.12 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Server ",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v6.12 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Industrial Connectivity",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions "
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Edge",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v1.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "KEPServer Enterprise ",
          "vendor": "Rockwell Automation ",
          "versions": [
            {
              "lessThanOrEqual": "v6.12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Digital Industrial Gateway Server ",
          "vendor": "General Electric ",
          "versions": [
            {
              "lessThanOrEqual": "v7.612",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "ics-cert@hq.dhs.gov"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ge:digital_industrial_gateway_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D9E061-4E5C-4390-916D-8AABE3523E16",
              "versionEndIncluding": "7.612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:kepware_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A50F0395-983A-4261-9FE3-40762E5EC02F",
              "versionEndIncluding": "6.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:kepware_serverex:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C3EDBB-FEB2-4BE7-A379-AF07F1BCD46D",
              "versionEndIncluding": "6.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_.net-sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63EBD473-C1FD-4B90-BEB9-38488F6EC8A5",
              "versionEndIncluding": "5.8.4.971",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_edge_c-sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D82325D-070B-462B-B92F-34CC047D3340",
              "versionEndIncluding": "2.2.12.1052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_edge_microserver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E860B82D-355A-4AB3-AA93-6B1D15A1B2D7",
              "versionEndIncluding": "5.4.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01A814D-8F2B-4B88-A66B-F2A2C293A6AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ptc:thingworx_kepware_edge:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16730F8-C263-478B-B286-9831FFF5A409",
              "versionEndIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A51513-026A-43DA-9CB6-D5B68819CA47",
              "versionEndIncluding": "6.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.\n\n"
    }
  ],
  "id": "CVE-2023-0755",
  "lastModified": "2026-06-17T05:26:14.247",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2023-0755",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-01-16T20:59:08.379075Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2023-02-23T22:15:11.427",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-129"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    }
  ]
}

CVE-2023-0755 (GCVE-0-2023-0755)

Vulnerability from cvelistv5 – Published: 2023-02-23 21:23 – Updated: 2025-01-16 21:55

Summary

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-129 - Improper Validation of Array Index

Assigner

icscert

References

1 reference

URL	Tags
https://www.cisa.gov/uscert/ics/advisories/icsa-2…

Impacted products

9 products

Vendor	Product	Version
PTC	ThingWorx Edge C-SDK	Affected: 0 , ≤ v2.2.12.1052 (custom)
Microsoft	.NET-SDK	Affected: 0 , ≤ v5.8.4.971 (custom)
PTC	ThingWorx Edge MicroServer (EMS)	Affected: 0 , ≤ v5.4.10.0 (custom)
PTC	Kepware KEPServerEX	Affected: 0 , ≤ v6.12 (custom)
PTC	ThingWorx Kepware Server	Affected: 0 , ≤ v6.12 (custom)
PTC	ThingWorx Industrial Connectivity	Affected: All Versions
PTC	ThingWorx Kepware Edge	Affected: 0 , ≤ v1.5 (custom)
Rockwell Automation	KEPServer Enterprise	Affected: 0 , ≤ v6.12 (custom)
General Electric	Digital Industrial Gateway Server	Affected: 0 , ≤ v7.612 (custom)

Date Public

2023-02-23 17:00

Credits

Chris Anastasio and Steven Seeley of Incite Team reported these vulnerabilities to CISA.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:24:34.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-0755",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:59:08.379075Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:55:52.537Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Edge C-SDK",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v2.2.12.1052 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": ".NET-SDK",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThanOrEqual": "v5.8.4.971 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Edge MicroServer (EMS)",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v5.4.10.0 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Kepware KEPServerEX",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v6.12 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Server ",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v6.12 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Industrial Connectivity",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions "
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Edge",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "v1.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "KEPServer Enterprise ",
          "vendor": "Rockwell Automation ",
          "versions": [
            {
              "lessThanOrEqual": "v6.12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Digital Industrial Gateway Server ",
          "vendor": "General Electric ",
          "versions": [
            {
              "lessThanOrEqual": "v7.612",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Chris Anastasio and Steven Seeley of Incite Team reported these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2023-02-23T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.\u003c/span\u003e\n\n"
            }
          ],
          "value": "\nThe affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-129",
              "description": "CWE-129 Improper Validation of Array Index",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-23T21:23:19.210Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePTC has released the following resolutions:\u003c/p\u003e\n\n\u003cp\u003eUpdate the impacted product to the latest version:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge C-SDK: 3.0.0 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\n.NET-SDK: v5.8.5 or later.\u003c/p\u003e\n\n\u003cp\u003eFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is \u003cb\u003enot\u003c/b\u003e enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nKepware KEPServerEX: v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nThingWorx Kepware Edge: v1.6 or later.\u003c/p\u003e\n\n\u003cp\u003eThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\u003c/p\u003e\n\n\u003cp\u003eFor\nmore information see PTC\u2019s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS385715\"\u003eCustomer Support Article\n\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "PTC has released the following resolutions:\n\n\n\nUpdate the impacted product to the latest version:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge C-SDK: 3.0.0 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Edge MicroServer (EMS): v5.4.11 or\nlater.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\n.NET-SDK: v5.8.5 or later.\n\n\n\nFor Kepware products, the vulnerability is mitigated if the\nThingWorx Interface is not enabled. To use the ThingWorx Interface\nwithout the vulnerability, update to the latest version of the product:\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nKepware KEPServerEX: v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Server (formerly ThingWorx\nIndustrial Connectivity): v6.13 or later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nThingWorx Kepware Edge: v1.6 or later.\n\n\n\nThe following products should be upgraded as indicated or in\naccordance with the applicable organization\u2019s recommendations if the ThingWorx\nInterface is in use: \n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nRockwell Automation KEPServer Enterprise: v6.13\nor later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nGE Digital Industrial Gateway Server: v7.613 or\nlater.\n\n\n\nFor\nmore information see PTC\u2019s Customer Support Article\n.\n\n\n\n\n\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-0755",
    "datePublished": "2023-02-23T21:23:19.210Z",
    "dateReserved": "2023-02-08T20:21:34.258Z",
    "dateUpdated": "2025-01-16T21:55:52.537Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2023-0755

CVE-2023-0755 (GCVE-0-2023-0755)

Tags

Sightings

Nomenclature