- What is the severity of CVE-2023-0754?
- CVE-2023-0754 has been scored as a critical severity vulnerability.
- How to fix CVE-2023-0754?
- To fix CVE-2023-0754: PTC has released the following resolutions: Update the impacted product to the latest version: · ThingWorx Edge C-SDK: 3.0.0 or later. · ThingWorx Edge MicroServer (EMS): v5.4.11 or later. · .NET-SDK: v5.8.5 or later. For Kepware products, the vulnerability is mitigated if the ThingWorx Interface is not enabled. To use the ThingWorx Interface without the vulnerability, update to the latest version of the product: · Kepware KEPServerEX: v6.13 or later. · ThingWorx Kepware Server (formerly ThingWorx Industrial Connectivity): v6.13 or later. · ThingWorx Kepware Edge: v1.6 or later. The following products should be upgraded as indicated or in accordance with the applicable organization’s recommendations if the ThingWorx Interface is in use: · Rockwell Automation KEPServer Enterprise: v6.13 or later. · GE Digital Industrial Gateway Server: v7.613 or later. For more information see PTC’s Customer Support Article .
- Is CVE-2023-0754 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2023-0754 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2023-0754?
- CVE-2023-0754 affects PTC ThingWorx Edge C-SDK, Microsoft .NET-SDK, PTC ThingWorx Edge MicroServer (EMS), PTC Kepware KEPServerEX, PTC ThingWorx Kepware Server , PTC ThingWorx Industrial Connectivity, PTC ThingWorx Kepware Edge, Rockwell Automation KEPServer Enterprise , General Electric Digital Industrial Gateway Server .