3 matches found
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on November 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-334-01 Delta Electronics DOPSoft ICSA-23-334-02 Yokogawa STARDOM ICSA-23-334-03 PTC...
CVE-2023-3825
CVE-2023-3825 affects PTC KEPServerEX (Versions 6.0–6.14.263). The root cause is the OPC UA message decoder not validating recursively defined objects, enabling an attacker to trigger uncontrolled resource consumption, potentially causing stack overflow and device crash (DoS). Public sources cons...
CVE-2023-3825
PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a...