Loading

KEPServer Denial-of-Service Vulnerability Found During Pwn2Own Competition

Severity:
High
Advisory ID:
SD1716
Published Date:
January 28, 2025
Last Updated:
January 28, 2025
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
CVE IDs
CVE-2023-3825
Downloads
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
CVE-2023-3825
Summary

AFFECTED PRODUCTS AND SOLUTION

Affected Product

CVE

Affected Versions

Fixed Version

KEPServer

CVE-2023-3825

6.0 - 6.14.263

6.15

VULNERABILITY DETAILS

Rockwell Automation received a report from PTC, a strategic partner of Rockwell Automation, regarding this vulnerability discovered by Security Researchers of Claroty Team82 during the Pwn2Own competition hosted by Trend Micro’s Zero Day Initiative (ZDI). Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-3825 IMPACT

KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a check to see if such an object is recursively defined, so an attack could send a maliciously created message that the decoder would try to decode until the stack overflowed and the device crashed.

CVSS 3.1 Base Score: 7.5
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400: Uncontrolled Resource Consumption
Known Exploited Vulnerability (KEV) database: No

Mitigations and Workarounds
Customers using the affected software are encouraged to apply the risk mitigations, if possible.

·         For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices

to minimize the risk of the vulnerability.

Customers can use Stakeholder-Specific Vulnerability Categorization

to generate more environment-specific prioritization.

ADDITIONAL RESOURCES

·         NVD - CVE-2023-3825

·         PTC KEPServerEX | CISA

·         CS405439 - Security vulnerabilities identified in PTC Kepware products - November 2023

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left United Kingdom Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust Center Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
Please update your cookie preferences to continue.
This feature requires cookies to enhance your experience. Please update your preferences to allow for these cookies:
  • Social Media Cookies
  • Functional Cookies
  • Performance Cookies
  • Marketing Cookies
  • All Cookies
You can update your preferences at any time. For more information please see our Privacy Policy
CloseClose