Lucene search

[email protected]CVE-2020-27267

HistoryJan 14, 2021 - 12:15 a.m.

CVE-2020-27267

2021-01-1400:15:13

CWE-787

CWE-416

[email protected]

web.nvd.nist.gov

cve-2020-27267

buffer overflow

industrial servers

security vulnerability

opc ua

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.2 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.

Affected configurations

NVD

Node

geindustrial_gateway_serverMatch7.66

geindustrial_gateway_serverMatch7.68.804

ptckepware_kepserverexMatch6.0

ptckepware_kepserverexMatch6.9

ptcopc-aggregatorMatch-

ptcthingworx_industrial_connectivityMatch-

ptcthingworx_kepware_serverMatch6.8

ptcthingworx_kepware_serverMatch6.9

rockwellautomationkepserver_enterpriseMatch6.6.504.0

rockwellautomationkepserver_enterpriseMatch6.9.572.0

softwaretoolboxtop_serverRange6.0–6.9

CPENameOperatorVersion
ge:industrial_gateway_serverge industrial gateway servereq7.66
ge:industrial_gateway_serverge industrial gateway servereq7.68.804
ptc:kepware_kepserverexptc kepware kepserverexeq6.0
ptc:kepware_kepserverexptc kepware kepserverexeq6.9
ptc:opc-aggregatorptc opc-aggregatoreq-
ptc:thingworx_industrial_connectivityptc thingworx industrial connectivityeq-
ptc:thingworx_kepware_serverptc thingworx kepware servereq6.8
ptc:thingworx_kepware_serverptc thingworx kepware servereq6.9
rockwellautomation:kepserver_enterpriserockwellautomation kepserver enterpriseeq6.6.504.0
rockwellautomation:kepserver_enterpriserockwellautomation kepserver enterpriseeq6.9.572.0

CPE	Name	Operator	Version
ge:industrial_gateway_server	ge industrial gateway server	eq	7.66
ge:industrial_gateway_server	ge industrial gateway server	eq	7.68.804
ptc:kepware_kepserverex	ptc kepware kepserverex	eq	6.0
ptc:kepware_kepserverex	ptc kepware kepserverex	eq	6.9
ptc:opc-aggregator	ptc opc-aggregator	eq	-
ptc:thingworx_industrial_connectivity	ptc thingworx industrial connectivity	eq	-
ptc:thingworx_kepware_server	ptc thingworx kepware server	eq	6.8
ptc:thingworx_kepware_server	ptc thingworx kepware server	eq	6.9
rockwellautomation:kepserver_enterprise	rockwellautomation kepserver enterprise	eq	6.6.504.0
rockwellautomation:kepserver_enterprise	rockwellautomation kepserver enterprise	eq	6.9.572.0

Rows per page:

1-10 of 111

CNA Affected

[
  {
    "product": "PTC Kepware KEPServerEX",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "v6.0 to v6.9"
      }
    ]
  },
  {
    "product": "ThingWorx Kepware Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "v6.8 and v6.9"
      }
    ]
  },
  {
    "product": "ThingWorx Industrial Connectivity",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "OPC-Aggregator",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Rockwell Automation KEPServer Enterprise",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "GE Digital Industrial Gateway Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "v7.68.804"
      },
      {
        "status": "affected",
        "version": "v7.66"
      }
    ]
  },
  {
    "product": "Software Toolbox TOP Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All 6.x versions"
      }
    ]
  }
]

References

us-cert.cisa.gov/ics/advisories/icsa-20-352-02

Social References

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.2 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2020-27267

prion1 nvd1 cvelist1 nessus3 ics1