CVE-2023-5909
published 2023-11-30CVE-2023-5909: KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.44%
35.3th percentile
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | industrial_gateway_server | <= 7.614 | — |
| ge_gigital | industrial_gateway_server | <= 7.614 | — |
| ptc | keepserverex | <= 6.14.263.0 | — |
| ptc | kepserverex | <= 6.14.263.0 | — |
| ptc | opc-aggregator | <= 6.14 | — |
| ptc | thingworx_industrial_connectivity | — | — |
| ptc | thingworx_kepware_edge | <= 1.7 | — |
| ptc | thingworx_kepware_server | <= 6.14.263.0 | — |
| rockwell_automation | kepserver_enterprise | <= 6.14.263.0 | — |
| rockwellautomation | kepserver_enterprise | <= 6.14.263.0 | — |
| software_toolbox | top_server | <= 6.14.263.0 | — |
| softwaretoolbox | top_server | <= 6.14.263.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rw69-wr48-w7px: KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect
ghsa_unreviewed·2023-12-01
CVE-2023-5909 [HIGH] CWE-295 GHSA-rw69-wr48-w7px: KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
CISA ICS
PTC KEPServerEx
cisa_ics·2023-11-30·CVSS 9.1
[CRITICAL] PTC KEPServerEx
ICS Advisory
##
PTC KEPServerEx
Release DateNovember 30, 2023
Alert CodeICSA-23-334-03
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: PTC
- Equipment: KEPServerEX, ThingWorx, OPC-Aggregator
- Vulnerabilities: Heap-based Buffer Overflow, Improper Validation of Certificate with Host Mismatch
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker gaining Windows SYSTEM-level code execution on the service host and may cause the product to crash, leak sensitive information, or connect to the product without proper authentication.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following PTC Kepware products, are affected:
- KEPServerEX: v6.14.263.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-11-30
Published