CVE-2020-27267

Description

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.

References

Link	Tags
https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02	third party advisory us government resource

Frequently Asked Questions

What is the severity of CVE-2020-27267?: CVE-2020-27267 has been scored as a critical severity vulnerability.
How to fix CVE-2020-27267?: To fix CVE-2020-27267, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-27267 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2020-27267 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-27267?: CVE-2020-27267 affects n/a PTC Kepware KEPServerEX, n/a ThingWorx Kepware Server, n/a ThingWorx Industrial Connectivity, n/a OPC-Aggregator, n/a Rockwell Automation KEPServer Enterprise, n/a GE Digital Industrial Gateway Server, n/a Software Toolbox TOP Server.

Description

Categories

CWE-416 – Use After Free

CWE-787 – Out-of-bounds Write

References

Frequently Asked Questions