Critical Flaw in PTC License Server Can Allow Lateral Movement in Industrial Organizations

Critical Flaw in PTC License Server Can Allow Lateral Movement in Industrial Organizations

July 2, 2024 at 05:18AM

PTC, a product lifecycle management solutions provider, released a patch for a critical vulnerability found in the license server for their Creo Elements/Direct product, affecting version 20.7.0.0 and prior. The flaw, assigned CVE-2024-6071 with a CVSS score of 10, allows unauthenticated remote attackers to execute arbitrary OS commands, potentially enabling lateral movement in industrial organizations. PTC addressed the issue promptly, with a patch included in version 20.7.0.1 and later, commended by the researcher who discovered the vulnerability.

Based on the meeting notes, here are the key takeaways:

– PTC has informed customers about a critical vulnerability affecting the license server for the Creo Elements/Direct product.
– The vulnerability, tracked as CVE-2024-6071 with a CVSS score of 10, allows unauthenticated, remote attackers to execute arbitrary OS commands on the underlying server.
– A patch for the vulnerability is included in version 20.7.0.1 and later of the license server.
– The vulnerability could enable lateral movement in industrial organizations and is used worldwide, including in the critical manufacturing sector.
– PTC stated that there is no indication that the vulnerability has been exploited.
– The impacted license server is typically not exposed to the internet, requiring access to the targeted organization’s network for exploitation.
– Riedmaier was able to exploit the vulnerability on a Windows system where the PTC license server was installed, gaining access to critical information and separated networks.
– The impact of the vulnerability depends on where the license server is deployed and the type of access it provides.

If you need further analysis or additional details, feel free to ask.

Full Article