4 matches found
CVE-2023-3825
creationtimestamp| type| source ---|---|--- 2025-01-28 22:20:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/113908308068172337 2025-01-30 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-04...
CVE-2023-3825
PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a...
CVE-2023-3825
CVE-2023-3825 affects PTC KEPServerEX (Versions 6.0–6.14.263). The root cause is the OPC UA message decoder not validating recursively defined objects, enabling an attacker to trigger uncontrolled resource consumption, potentially causing stack overflow and device crash (DoS). Public sources cons...
CVE-2023-3825
PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a...