Article - CS334963
PTC vulnerabilities in KEPServerEX and ThingWorx Kepware Server
Modified: 11-Jan-2021
Applies To
- KEPServerEX 6.0.2107.0 to 6.9
- ThingWorx Kepware Server 6.8 to 6.9
- ThingWorx Kepware Edge 1.0 to 1.1
- CISA has published an ICS advisory regarding the vulnerability
Description
- PTC has become aware of vulnerabilities in the Kepware OPC UA server interface for:
  - KEPServerEX
    - Applies to versions v6.0.xx to v6.9.xx
  - ThingWorx Kepware Server
    - Applies to versions 6.8.xx, 6.9.xx
  - ThingWorx Industrial Connectivity (deprecated; replaced with ThingWorx Kepware Server)
    - Applies to all versions
  - ThingWorx Kepware Edge
    - Applies to versions 1.0, 1.1
  -
    - Applies to all versions prior to build 6.9.584.0
  - KEPServerEX
- Should a malicious actor gain access to the customer’s ThingWorx Kepware application and perform a successful attack, the customer may experience a crash of ThingWorx Kepware products.
- The following is the range of possible impacts:
  - Loss of ability to configure the application
  - Loss of data
  - Loss of data acquisition
  - Loss of control of systems
- The industrial control system may continue to run, and the system should be designed to fail safely
  - If it is not, actions may need to be taken to safely continue or to shut the system down as appropriate for the specific system
- Customers that have turned off the OPC UA interface are not vulnerable. It is important to note that this interface is on by default after install. To disable the interface, please follow the steps in CS336588.