CVE-2022-25252
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) when receiving certain input throws an exception. Services using said function do not handle the exception. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to crash the affected product.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PTC | Axeda agent | All Versions | affected |
| PTC | Axeda Desktop Server for Windows | All Versions | affected |
Weaknesses
- CWE-703: CWE-703 Improper Check or Handling of Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01
- https://www.ptc.com/en/support/article/CS363561
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-01
- https://www.ptc.com/en/support/article/CS363561
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.