CVE-2024-6071
Published: 2024-06-27
Priority: P2 (70) · Severity: critical · CVSS 3.1 base score: 10
CVSS 3.1 vector: AV:N / AC:L / PR:N / UI:N / S:C / C:H / I:H / A:H
EPSS: 1.12% (62.0th percentile)
PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ptc | creo_elements_direct_license | <= 20.7.0.0 | — |
Detection & IOCs (extracted from sources)
- The vulnerability exposes an unauthenticated web interface on the PTC Creo Elements/Direct License Server (MEls) that allows remote OS command execution: detect unauthenticated HTTP requests to the license server's web interface from external/untrusted sources.
- Flag any network connections to PTC Creo Elements/Direct License Server (MEls) version 20.7.0.0 or prior from internet-facing hosts, as this version is vulnerable to unauthenticated RCE.
- Monitor for unexpected OS-level process spawning (e.g., cmd.exe, sh, bash) as child processes of the PTC Creo Elements/Direct License Server process, which would indicate successful exploitation of CVE-2024-6071.
- This vulnerability does NOT affect "PTC Creo License Server" (lmadmin, lmgrd); only the Creo Elements/Direct License Server (MEls) is impacted. Ensure detection rules target the correct product.
- The affected version range spans a wide set of products (versions 15.00 through 20.7); the patched version is 20.7.0.1 or higher. Use version detection to scope exposure.
- No known public exploitation has been reported as of the advisory date, but the CVSS v4 score is 10.0 (AV:N/AC:L/AT:N/PR:N/UI:N), indicating trivial remote exploitability with no prerequisites.
CVSS provenance
- NVD, CVSS v3.1: 10.0 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- NVD, CVSS v4.0: 10.0 CRITICAL, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA ICS
[CRITICAL] PTC Creo Elements/Direct License Server (Update A)
Source: cisa_ics · 2024-07-09 · CVSS 10.0
ICS Advisory
PTC Creo Elements/Direct License Server (Update A)
Last Revised: July 09, 2024
Alert Code: ICSA-24-177-02
Related topics:
Industrial Control Systems, Industrial Control System Vulnerabilities
## 1. EXECUTIVE SUMMARY
- CVSS v4 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: PTC
- Equipment: Creo Elements/Direct License Server
- Vulnerability: Missing Authorization
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow unauthenticated remote attackers to execute arbitrary OS commands.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
PTC reports that the following versions of Creo Elements/Direct License Server are affected; note that this vulnerability does not impact "PTC Creo Licen
GHSA
GHSA-cm55-w5wp-4fgq: PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands
Source: ghsa_unreviewed · 2024-06-28 · CVE-2024-6071 [CRITICAL] · CWE-862
PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-06-27