cbcvebase.
CVE-2023-0755
published 2023-02-23

CVE-2023-0755: The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary…

PriorityP265critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
11.78%
95.6th percentile
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

Affected

16 ranges
VendorProductVersion rangeFixed in
concrete5concrete5>= 0 < 8.5.138.5.13
concrete5concrete5>= 9.0.0 < 9.2.29.2.2
gedigital_industrial_gateway_server<= 7.612
general_electricdigital_industrial_gateway_server<= v7.612
microsoftnet-sdk<= v5.8.4.971
ptckepware_kepserverex<= v6.12
ptckepware_server<= 6.12
ptckepware_serverex<= 6.12
ptcthingworx_edge_c-sdk<= 2.2.12.1052
ptcthingworx_edge_microserver<= 5.4.10.0
ptcthingworx_industrial_connectivity
ptcthingworx_kepware_edge<= 1.5
ptcthingworx_kepware_server<= v6.12
ptcthingworx_net-sdk<= 5.8.4.971
rockwell_automationkepserver_enterprise<= v6.12
rockwellautomationkepserver_enterprise<= 6.12

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is exploitable remotely with no authentication and low attack complexity (AV:N/AC:L/PR:N/UI:N); monitor for unexpected crashes or anomalous connections to ThingWorx Interface / OPC-UA ports on affected Kepware/ThingWorx Edge products
  • The ThingWorx Interface being enabled is the attack surface; detection should focus on whether this interface is active on affected products (KEPServerEX, ThingWorx Kepware Server, ThingWorx Kepware Edge, Rockwell KEPServer Enterprise, GE Digital Industrial Gateway Server)
  • No known public exploits exist as of advisory date (2023-02-23); prioritize detection of exploitation attempts against ThingWorx Edge C-SDK v2.2.12.1052 or lower, EMS v5.4.10.0 or lower, and .NET-SDK v5.8.4.971 or lower
  • ·ThingWorx Industrial Connectivity has no patched version listed — all versions are affected; no remediation version is provided for this product
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.