CVE-2024-6098

PTC Kepware ThingWorx Kepware Server Allocation of Resources Without Limits or Throttling

Description

When performing an online tag generation to devices which communicate using the ControlLogix protocol, a machine-in-the-middle, or a device that is not configured correctly, could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service condition and crash the Kepware application. By default, these functions are turned off, yet they remain accessible for users who recognize and require their advantages.

Remediation

Workaround:

  • PTC recommends users take a defense-in-depth stance with regard to their manufacturing networks, ensuring proper access control is maintained. Additionally, proper adherence to the Kepware Secure Deployment Guide (https://www.ptc.com/support/-/media/support/refdocs/ThingWorx_Kepware_Server/6,-d-,16/secure_deployment_guide_tks.pdf) will minimize this threat through accurate configuration and use of the product. Please refer to this article (login required; https://www.ptc.com/en/support/article/CS423892) for specific information on how this risk may be mitigated in your environment. If additional questions remain, contact PTC Technical Support (https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log).

Scoring

  • CVSS score: 5.9 (Severity: Medium)
  • EPSS: 0.05%

Affected products

  • PTC Kepware ThingWorx Kepware Server
  • PTC Kepware KEPServerEX
  • Software Toolbox TOP Server
  • GE IGS

Frequently Asked Questions

What is the severity of CVE-2024-6098?
CVE-2024-6098 has been scored as a medium severity vulnerability.
How to fix CVE-2024-6098?
As a workaround for remediating CVE-2024-6098, PTC recommends users take a defense-in-depth stance with regard to their manufacturing networks, ensuring proper access control is maintained, and follow the Kepware Secure Deployment Guide and the PTC support article CS423892 (login required) listed under Remediation above. If additional questions remain, contact PTC Technical Support.
Is CVE-2024-6098 being actively exploited in the wild?
As of now, there is no information to confirm that CVE-2024-6098 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-6098?
CVE-2024-6098 affects PTC Kepware ThingWorx Kepware Server, PTC Kepware KEPServerEX, Software Toolbox TOP Server, GE IGS.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.