CVE-2023-29444: 
PTC KEPServerEX vulnerability analysis and mitigation

CVE-2023-29444 is an uncontrolled search path element vulnerability (DLL hijacking) discovered in PTC Kepware KepServerEX, ThingWorx Kepware Server, and ThingWorx Industrial Connectivity products. The vulnerability affects versions from 6.0.2107.0 up to 6.14.263.0 for KepServerEX and ThingWorx Kepware Server, and versions 8.0 to 8.5 for ThingWorx Industrial Connectivity (NVD, CISA Advisory).

The vulnerability is classified as CWE-427 (Uncontrolled Search Path Element) and has received a CVSS v3.1 base score of 6.3 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H according to Dragos, Inc. NIST has assigned a higher CVSS score of 7.3 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H (NVD).

Successful exploitation of this vulnerability could allow an attacker to escalate privileges to SYSTEM level. Additionally, attackers could potentially host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and execute arbitrary code (CISA Advisory).

PTC was aware of this vulnerability and planned to address it through patches expected by November 2023. The vendor recommends users follow the directions in their secure configuration documentation. CISA recommends minimizing network exposure for control system devices, ensuring they are not accessible from the internet, and locating control system networks behind firewalls isolated from business networks (CISA Advisory).