Loading

KEPServer Denial-of-Service Vulnerability Found During Pwn2Own Competition

Severity:
High
Advisory ID:
SD1716
發佈日期:
January 28, 2025
最近更新:
August 06, 2025
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
否
Corrected:
是
Workaround:
否
CVE IDs
CVE-2023-3825
下載
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON
摘要

AFFECTED PRODUCTS AND SOLUTION

Affected Product

CVE

Affected Versions

Fixed Version

KEPServer

CVE-2023-3825

6.0 - 6.14.263

6.15

SECURITY ISSUE DETAILS

Rockwell Automation received a report from PTC regarding a security issue discovered by Security Researchers of Claroty Team82. 

Rockwell Automation uses the latest version of the CVSS scoring system to assess the security issues.

CVE-2023-3825 IMPACT

KEPServerEX Versions 6.0 to 6.14.263 are open to being made to read a repeatedly defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be stored to create complex arrays. It does not apply a check to see if such an object is recursively defined. An attacker could send a maliciously created message that the decoder would try to decode until the stack overflowed and the device crashed.

CVSS 3.1 Base Score: 7.5
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400: Uncontrolled Resource Consumption
Known Exploited Vulnerability (KEV) database: No

Mitigations and Workarounds
Customers using the affected software should use risk mitigations.

·         For information on Security Risks and how to reduce risks, customers should use our suggested security best practices.

Customers can use Stakeholder-Specific Vulnerability Categorization to create more environment-specific categories.

ADDITIONAL RESOURCES

·         NVD - CVE-2023-3825

·         PTC KEPServerEX | CISA

·         CS405439 - Security vulnerabilities identified in PTC Kepware products - November 2023

 Glossary:

Claroty Team82: a research arm that provides vulnerability and threat research to customers and defenders of industrial networks worldwide

KEPServerEX: connectivity platform that provides a single source of industrial automation

Known Exploited Vulnerability (KEV) database: an official list of security flaws that attackers have actively exploited 

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Rockwell Automation 首頁 Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust Center Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
請更新您的 cookie 設定以繼續.
此功能需要 cookie 來改善您的體驗。請更新您的設定以允許這些 cookie:
  • 社群媒體Cookie
  • 功能Cookie
  • 性能Cookie
  • 行銷Cookie
  • 全部Cookie
您可以隨時更新您的設定。想了解更多訊息,請參閱我們的 {0} 隱私政策
CloseClose