Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-27265 (GCVE-0-2020-27265)
Vulnerability from cvelistv5 – Published: 2021-01-13 23:33 – Updated: 2024-08-04 16:11
VLAI?
EPSS
Summary
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
Severity ?
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | PTC Kepware KEPServerEX; ThingWorx Industrial Connectivity; OPC-Aggregator; Rockwell Automation KEPServer Enterprise; GE Digital Industrial Gateway Server; Software Toolbox TOP Server |
Affected:
v6.0 to v6.9
Affected: v6.8 and v6.9 Affected: All versions Affected: v7.68.804, v7.66 Affected: All 6.x versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:36.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PTC Kepware KEPServerEX; ThingWorx Industrial Connectivity; OPC-Aggregator; Rockwell Automation KEPServer Enterprise; GE Digital Industrial Gateway Server; Software Toolbox TOP Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "v6.0 to v6.9"
},
{
"status": "affected",
"version": "v6.8 and v6.9"
},
{
"status": "affected",
"version": "All versions"
},
{
"status": "affected",
"version": "v7.68.804, v7.66"
},
{
"status": "affected",
"version": "All 6.x versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T23:33:45.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-27265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PTC Kepware KEPServerEX; ThingWorx Industrial Connectivity; OPC-Aggregator; Rockwell Automation KEPServer Enterprise; GE Digital Industrial Gateway Server; Software Toolbox TOP Server",
"version": {
"version_data": [
{
"version_value": "v6.0 to v6.9"
},
{
"version_value": "v6.8 and v6.9"
},
{
"version_value": "All versions"
},
{
"version_value": "All versions"
},
{
"version_value": "All versions"
},
{
"version_value": "v7.68.804, v7.66"
},
{
"version_value": "All 6.x versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-27265",
"datePublished": "2021-01-13T23:33:45.000Z",
"dateReserved": "2020-10-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:11:36.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-27265",
"date": "2026-04-18",
"epss": "0.00077",
"percentile": "0.23024"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-27265\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2021-01-14T00:15:13.417\",\"lastModified\":\"2024-11-21T05:20:58.083\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.\"},{\"lang\":\"es\",\"value\":\"KEPServerEX: versiones v6.0 hasta v6.9, ThingWorx Kepware Server: versiones v6.8 y v6.9, ThingWorx Industrial Connectivity: Todas las versiones, OPC-Aggregator: Todas las versiones, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: versiones v7.68.804 y v7.66, Software Toolbox TOP Server: Todas las versiones 6.x, son vulnerables a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria.\u0026#xa0;Abrir un mensaje OPC UA espec\u00edficamente dise\u00f1ado podr\u00eda permitir a un atacante bloquear el servidor y ejecutar c\u00f3digo de remotamente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AEAC75-5E69-4C49-8D57-35401400C9D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"906B1D62-7656-457E-B528-B0407C9D0BA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6994DBB6-BA65-4E47-B0E4-42310120FC04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC1720A3-85F1-4A85-B226-1CCBB34FCAAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F46490-09F7-488A-B1EB-2286BFA0F882\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D01A814D-8F2B-4B88-A66B-F2A2C293A6AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE510A4-1D91-447E-BF61-6CDFDFF82796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F16FBD0-8841-4E42-8FE6-796F7B4E5C16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FFA2B21-E36C-41CE-B633-B831C6D42962\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BACC2F09-9EC8-420A-B499-BF7CD737A473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"6.9\",\"matchCriteriaId\":\"95B527BB-A27F-4080-8BBB-3FCA2408B7AE\"}]}]}],\"references\":[{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
ICSA-20-352-02
Vulnerability from csaf_cisa - Published: 2020-12-17 00:00 - Updated: 2021-01-05 00:00Summary
PTC Kepware KEPServerEX (Update A)
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: United States
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability: No known public exploits specifically target these vulnerabilities.
9.8 (Critical)
Mitigation
PTC has released updates for the following products and recommends that users upgrade to the most current supported version:
Mitigation
KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0
https://my.kepware.com/
Mitigation
ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0
https://support.ptc.com/
Mitigation
ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)
https://support.ptc.com/
Vendor Fix
OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0
Mitigation
Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.
https://rockwellautomation.custhelp.com/app/answe…
Mitigation
GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0
https://digitalsupport.ge.com/communities/cc_logi…
Mitigation
The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.
https://digitalsupport.ge.com/communities/en_US/A…
Mitigation
Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox has released updates and recommends users update their installations.
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
9.1 (Critical)
Mitigation
PTC has released updates for the following products and recommends that users upgrade to the most current supported version:
Mitigation
KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0
https://my.kepware.com/
Mitigation
ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0
https://support.ptc.com/
Mitigation
ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)
https://support.ptc.com/
Vendor Fix
OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0
Mitigation
Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.
https://rockwellautomation.custhelp.com/app/answe…
Mitigation
GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0
https://digitalsupport.ge.com/communities/cc_logi…
Mitigation
The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.
https://digitalsupport.ge.com/communities/en_US/A…
Mitigation
Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox has released updates and recommends users update their installations.
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
7.5 (High)
Mitigation
PTC has released updates for the following products and recommends that users upgrade to the most current supported version:
Mitigation
KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0
https://my.kepware.com/
Mitigation
KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0
https://my.kepware.com/
Mitigation
ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0
https://support.ptc.com/
Mitigation
ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)
https://support.ptc.com/
Mitigation
ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)
https://support.ptc.com/
Vendor Fix
OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0
https://support.ptc.com/
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0
Mitigation
Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0
Mitigation
Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.
https://rockwellautomation.custhelp.com/app/answe…
Mitigation
GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0
https://digitalsupport.ge.com/communities/cc_logi…
Mitigation
The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.
https://digitalsupport.ge.com/communities/en_US/A…
Mitigation
Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
Mitigation
Software Toolbox has released updates and recommends users update their installations.
https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924
References
Acknowledgments
Claroty
Uri Katz
{
"document": {
"acknowledgments": [
{
"names": [
"Uri Katz"
],
"organization": "Claroty",
"summary": "reporting these vulnerabilities to PTC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-20-352-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-352-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-20-352-02 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-352-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "PTC Kepware KEPServerEX (Update A)",
"tracking": {
"current_release_date": "2021-01-05T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-20-352-02",
"initial_release_date": "2020-12-17T00:00:00.000000Z",
"revision_history": [
{
"date": "2020-12-17T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-20-352-02 PTC KEPServerEX"
},
{
"date": "2021-01-05T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-20-352-02 PTC Kepware KEPServerEX (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.8 | 6.9",
"product": {
"name": "ThingWorx Kepware Server: v6.8 and v6.9",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "ThingWorx Kepware Server"
},
{
"branches": [
{
"category": "product_version",
"name": "6.6.504.0 | 6.9.572.0",
"product": {
"name": "Rockwell Automation KEPServer Enterprise: v6.6.504.0 and v6.9.572.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Rockwell Automation KEPServer Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "7.68.804 | 7.66",
"product": {
"name": "GE Digital Industrial Gateway Server: v7.68.804 and v7.66",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "GE Digital Industrial Gateway Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 6.0 | \u003c= 6.9",
"product": {
"name": "KEPServerEX: v6.0 to v6.9",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "KEPServerEX"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "ThingWorx Industrial Connectivity: All versions",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "ThingWorx Industrial Connectivity"
},
{
"branches": [
{
"category": "product_version",
"name": "6.x",
"product": {
"name": "Software Toolbox TOP Server: All 6.x versions",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "Software Toolbox TOP Server"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "OPC-Aggregator: All versions",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "OPC-Aggregator"
}
],
"category": "vendor",
"name": "PTC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27265",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The affected products are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.CVE-2020-27265 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27265"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "vendor_fix",
"details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
},
{
"category": "mitigation",
"details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
},
{
"category": "mitigation",
"details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox has released updates and recommends users update their installations.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2020-27263",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The affected products are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.CVE-2020-27263 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27263"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "vendor_fix",
"details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
},
{
"category": "mitigation",
"details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
},
{
"category": "mitigation",
"details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox has released updates and recommends users update their installations.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2020-27267",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected products are vulnerable to a use after free vulnerability, which may allow an attacker to create and close OPC UA connections at a high rate that may cause a server to crash.CVE-2020-27267 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27267"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PTC has released updates for the following products and recommends that users upgrade to the most current supported version:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://my.kepware.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "vendor_fix",
"details": "OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://support.ptc.com/"
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129402"
},
{
"category": "mitigation",
"details": "GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
},
{
"category": "mitigation",
"details": "The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-20-05"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
},
{
"category": "mitigation",
"details": "Software Toolbox has released updates and recommends users update their installations.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.softwaretoolbox.com/quickfaq.asp?faqid=3924"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
}
]
}
GHSA-355X-G6Q7-4C7G
Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39
VLAI?
Details
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
{
"affected": [],
"aliases": [
"CVE-2020-27265"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-14T00:15:00Z",
"severity": "CRITICAL"
},
"details": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.",
"id": "GHSA-355x-g6q7-4c7g",
"modified": "2022-05-24T17:39:17Z",
"published": "2022-05-24T17:39:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27265"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2020-27265
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-27265",
"description": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.",
"id": "GSD-2020-27265"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-27265"
],
"details": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.",
"id": "GSD-2020-27265",
"modified": "2023-12-13T01:22:11.029014Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-27265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PTC Kepware KEPServerEX; ThingWorx Industrial Connectivity; OPC-Aggregator; Rockwell Automation KEPServer Enterprise; GE Digital Industrial Gateway Server; Software Toolbox TOP Server",
"version": {
"version_data": [
{
"version_value": "v6.0 to v6.9"
},
{
"version_value": "v6.8 and v6.9"
},
{
"version_value": "All versions"
},
{
"version_value": "All versions"
},
{
"version_value": "All versions"
},
{
"version_value": "v7.68.804, v7.66"
},
{
"version_value": "All 6.x versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.9",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-27265"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-01-21T16:20Z",
"publishedDate": "2021-01-14T00:15Z"
}
}
}
VAR-202101-0380
Vulnerability from variot - Updated: 2025-01-30 21:57KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code. PTC The following vulnerabilities exist in multiple products provided by the company. ‥ * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 ‥ * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 ‥ * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 ‥ * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-0380",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "thingworx kepware server",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": "6.8"
},
{
"model": "thingworx industrial connectivity",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": null
},
{
"model": "industrial gateway server",
"scope": "eq",
"trust": 1.0,
"vendor": "ge",
"version": "7.68.804"
},
{
"model": "kepserver enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.6.504.0"
},
{
"model": "industrial gateway server",
"scope": "eq",
"trust": 1.0,
"vendor": "ge",
"version": "7.66"
},
{
"model": "kepware kepserverex",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": "6.0"
},
{
"model": "top server",
"scope": "gte",
"trust": 1.0,
"vendor": "softwaretoolbox",
"version": "6.0"
},
{
"model": "opc-aggregator",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": null
},
{
"model": "kepware kepserverex",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": "6.9"
},
{
"model": "thingworx kepware server",
"scope": "eq",
"trust": 1.0,
"vendor": "ptc",
"version": "6.9"
},
{
"model": "top server",
"scope": "lte",
"trust": 1.0,
"vendor": "softwaretoolbox",
"version": "6.9"
},
{
"model": "kepserver enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.9.572.0"
},
{
"model": "industrial gateway server",
"scope": "eq",
"trust": 0.8,
"vendor": "ge digital",
"version": "version 7.68.804 \u304a\u3088\u3073 version 7.66"
},
{
"model": "kepserverex",
"scope": "eq",
"trust": 0.8,
"vendor": "ptc",
"version": "version 6.0 \u304b\u3089 version 6.9"
},
{
"model": "kepware linkmaster",
"scope": "eq",
"trust": 0.8,
"vendor": "ptc",
"version": "version 3.0.94.0"
},
{
"model": "opc-aggregator",
"scope": "eq",
"trust": 0.8,
"vendor": "ptc",
"version": "\u3059\u3079\u3066"
},
{
"model": "thingworx industrial connectivity",
"scope": "eq",
"trust": 0.8,
"vendor": "ptc",
"version": "\u3059\u3079\u3066"
},
{
"model": "thingworx kepware server",
"scope": "eq",
"trust": 0.8,
"vendor": "ptc",
"version": "version 6.8 \u304a\u3088\u3073 version 6.9"
},
{
"model": "kepserver enterprise",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "top server",
"scope": "eq",
"trust": 0.8,
"vendor": "toolbox",
"version": "6\u7cfb\u306e\u3059\u3079\u3066"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ge_digital:industrial_gateway_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ptc:kepserverex",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ptc:kepware_linkmaster",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ptc:opc-aggregator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ptc:thingWorx_industrial_connectivity",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ptc:thingworx_kepware_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:rockwellautomation:kepserver_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:software_toolbox:top_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
}
]
},
"cve": "CVE-2020-27265",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-27265",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-370753",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-27265",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-010092",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-010092",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010092",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.3,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-010092",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-010092",
"trust": 2.4,
"value": "Critical"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-27265",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "IPA",
"id": "JVNDB-2020-010092",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1305",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-370753",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-370753"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code. PTC The following vulnerabilities exist in multiple products provided by the company. \u2025 * Stack-based buffer overflow (CWE-121) - CVE-2020-27265 \u2025 * Heap-based buffer overflow (CWE-122) - CVE-2020-27263 \u2025 * Use of freed memory (use-after-free) (CWE-416) - CVE-2020-27267 \u2025 * Inappropriate default permissions (CWE-276) - CVE-2020-13535The expected impact depends on each vulnerability, but it may be affected as follows. Kepware Kepserverex is an application software of American Kepware Company that can communicate with a variety of industrial equipment. The software supports more than 150 communication protocols and supports reliable real-time data for enterprises through a single platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-27265"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "VULHUB",
"id": "VHN-370753"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-27265",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-20-352-02",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU98489812",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-20-352-03",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.4481",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-370753",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-370753"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"id": "VAR-202101-0380",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-370753"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "gateway",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:57:10.120000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Customer Center",
"trust": 0.8,
"url": "https://digitalsupport.ge.com/communities/cc_login?startURL=%2Fen_US%2FDownload%2FIGS-Industrial-Gateway-Server-v7-xx"
},
{
"title": "GE Digital Product Security Advisory",
"trust": 0.8,
"url": "https://digitalsupport.ge.com/communities/servlet/fileField?retURL=%2Fcommunities%2Fapex%2FKnowledgeDetail%3Fid%3DkA20h0000000dpqCAA%26lang%3Den_US%26Type%3DArticle__kav\u0026entityId=ka20h00000013uHAAQ\u0026field=File_1__Body__s"
},
{
"title": "My Kepware Customer Self-Service Portal",
"trust": 0.8,
"url": "https://my.kepware.com/s/login/?ec=302\u0026startURL=%2Fs%2F"
},
{
"title": "PTC eSupport",
"trust": 0.8,
"url": "https://support.ptc.com/appserver/common/login/ssl/login.jsp?dest=%2Fappserver%2Fcs%2Fportal%2F\u0026msg=1"
},
{
"title": "Kepserver Enterprise",
"trust": 0.8,
"url": "https://rockwellautomation.custhelp.com/app/products/detail/categoryRecordID/RN_PRODUCT_611/p/611/~/kepserver-enterprise"
},
{
"title": "CISA Advisory ICSA-20-352-02 - TOP Server OPC UA Server Interface Vulnerability",
"trust": 0.8,
"url": "https://support.softwaretoolbox.com/app/answers/detail/a_id/3924"
},
{
"title": "Multiple Kepware Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137773"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-121",
"trust": 1.8
},
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-122",
"trust": 0.8
},
{
"problemtype": "CWE-416",
"trust": 0.8
},
{
"problemtype": "CWE-276",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-370753"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13535"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27263"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27265"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27267"
},
{
"trust": 0.8,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-03"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98489812"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4481/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27265"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-370753"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-370753"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-370753"
},
{
"date": "2020-12-21T09:01:13",
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"date": "2020-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"date": "2021-01-14T00:15:13.417000",
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-21T00:00:00",
"db": "VULHUB",
"id": "VHN-370753"
},
{
"date": "2020-12-21T09:01:13",
"db": "JVNDB",
"id": "JVNDB-2020-010092"
},
{
"date": "2021-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1305"
},
{
"date": "2024-11-21T05:20:58.083000",
"db": "NVD",
"id": "CVE-2020-27265"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural PTC Product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010092"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1305"
}
],
"trust": 0.6
}
}
FKIE_CVE-2020-27265
Vulnerability from fkie_nvd - Published: 2021-01-14 00:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ge | industrial_gateway_server | 7.66 | |
| ge | industrial_gateway_server | 7.68.804 | |
| ptc | kepware_kepserverex | 6.0 | |
| ptc | kepware_kepserverex | 6.9 | |
| ptc | opc-aggregator | - | |
| ptc | thingworx_industrial_connectivity | - | |
| ptc | thingworx_kepware_server | 6.8 | |
| ptc | thingworx_kepware_server | 6.9 | |
| rockwellautomation | kepserver_enterprise | 6.6.504.0 | |
| rockwellautomation | kepserver_enterprise | 6.9.572.0 | |
| softwaretoolbox | top_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AEAC75-5E69-4C49-8D57-35401400C9D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*",
"matchCriteriaId": "906B1D62-7656-457E-B528-B0407C9D0BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6994DBB6-BA65-4E47-B0E4-42310120FC04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1720A3-85F1-4A85-B226-1CCBB34FCAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F46490-09F7-488A-B1EB-2286BFA0F882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01A814D-8F2B-4B88-A66B-F2A2C293A6AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE510A4-1D91-447E-BF61-6CDFDFF82796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16FBD0-8841-4E42-8FE6-796F7B4E5C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFA2B21-E36C-41CE-B633-B831C6D42962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC2F09-9EC8-420A-B499-BF7CD737A473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95B527BB-A27F-4080-8BBB-3FCA2408B7AE",
"versionEndIncluding": "6.9",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code."
},
{
"lang": "es",
"value": "KEPServerEX: versiones v6.0 hasta v6.9, ThingWorx Kepware Server: versiones v6.8 y v6.9, ThingWorx Industrial Connectivity: Todas las versiones, OPC-Aggregator: Todas las versiones, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: versiones v7.68.804 y v7.66, Software Toolbox TOP Server: Todas las versiones 6.x, son vulnerables a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria.\u0026#xa0;Abrir un mensaje OPC UA espec\u00edficamente dise\u00f1ado podr\u00eda permitir a un atacante bloquear el servidor y ejecutar c\u00f3digo de remotamente"
}
],
"id": "CVE-2020-27265",
"lastModified": "2024-11-21T05:20:58.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-14T00:15:13.417",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…