PTC recently addressed a critical vulnerability in the license server for its Creo Elements/Direct CAD software. The flaw, identified as CVE-2024-6071, was discovered by Thomas Riedmaier of Siemens Energy and has a CVSS score of 10. It allows unauthenticated, remote attackers to execute arbitrary OS commands on servers running versions 20.7.0.0 and earlier. The vulnerability is significant because it could facilitate lateral movement within industrial organizations, potentially compromising critical systems.
The vulnerability affects a license server with a web interface that can be exploited by attackers who gain network access to the server. PTC has released a patch in version 20.7.0.1 and later, addressing the issue for products including Creo Elements/Direct Drafting and Modeling. Despite the severity of the flaw, PTC and CISA have indicated that there is no evidence of exploitation thus far.
Riedmaier’s findings reveal that the license server was installed on a Windows system in his research environment, allowing him to access critical information and networks by exploiting the flaw. The impact of an attack depends on the server’s deployment and access level within different organizations.
PTC responded promptly to the discovery, with advisories and a patch issued within seven weeks. Riedmaier praised PTC for its efficient handling of the vulnerability, noting their effective response and comprehensive patching efforts.
Reference:
