ICSA-22-067-01  ·  Published 2022-03-31

PTC Axeda agent and Axeda Desktop Server (Update C)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could result in full system access, remote code execution, read/change configuration, file system read access, log information access, and a denial-of-service condition.

Remediations

  • Upgrade to Axeda agent Version 6.9.2 build 1049 or 6.9.3 build 1051 when running older versions of the Axeda agent.
  • Configure Axeda agent and Axeda Desktop Server (ADS) to only listen on the local host interface 127.0.0.1. Refer to PTC knowledge article CS360255.
  • Provide a unique password in the AxedaDesktop.ini file for each unit.
  • Never use ERemoteServer in production.
  • Make sure to delete the ERemoteServer file from the host device.
  • Remove the installation file, for example: Gateway_vs2017-en-us-x64-pc-winnt-vc14-6.9.3-1051.msi
  • When running in Windows or Linux, only allow connections to ERemoteServer from trusted hosts and block all others.
  • When running the Windows operating system, configure Localhost communications (127.0.0.1) between ERemoteServer and Axeda Builder. Refer to PTC knowledge article CS360255.
  • Configure the Axeda agent for the authentication information required to log in to the Axeda Deployment Utility. Refer to PTC knowledge article CS360255.
  • PTC recommends upgrading the Axeda Desktop Server (ADS) to Version 6.9 build 215.
  • The Axeda agent loopback-only configuration is only available in Version 6.9.1 and above. Hence, upgrading to Axeda agent 6.9.1 or above is required.
  • For more information refer to PTC Security Advisory and Resolution and Axeda Public Advisory.
  • Accuray
  • Agilent
  • BD
  • Bayer
  • Beckman Coulter
  • Elekta (Login Required)
  • General Electric
  • Hologic
  • Roche Diagnostics
  • Smiths Medical
  • Varian
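One way to verify the loopback-only remediation above on a Linux host, added here as an example and not taken from the advisory or from PTC: the script parses `ss -H -ltnp` output and reports any watched process that listens on a non-loopback address. The process name `example-agent`, the ports and the PIDs are constructed placeholders; only `ERemoteServer` is a name from the advisory.

```python
import ipaddress
import re

# Process names to audit. "ERemoteServer" is named in the advisory;
# "example-agent" is a hypothetical placeholder for the local agent process name.
WATCHED = ("ERemoteServer", "example-agent")

PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')

def is_loopback(local):
    """True if an ss local address ("127.0.0.1:80", "[::1]:80", "*:80") is loopback-only."""
    host = local.rsplit(":", 1)[0].strip("[]").split("%", 1)[0]
    if host == "*":
        return False  # wildcard bind: reachable on every interface
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: treat as exposed

def exposed_listeners(ss_output, watched=WATCHED):
    """Return (process, pid, local_address) for watched listeners not bound to loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        local = fields[3]
        for name, pid in PROC_RE.findall(line):
            if name in watched and not is_loopback(local):
                findings.append((name, int(pid), local))
    return findings

# Constructed sample of `ss -H -ltnp` output; ports and PIDs are made up.
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 5 127.0.0.1:40001 0.0.0.0:* users:(("example-agent",pid=1200,fd=7))
LISTEN 0 5 0.0.0.0:40002 0.0.0.0:* users:(("example-agent",pid=1200,fd=8))
LISTEN 0 5 [::]:40003 [::]:* users:(("ERemoteServer",pid=1317,fd=4))
LISTEN 0 5 [::1]:40004 [::]:* users:(("ERemoteServer",pid=1317,fd=5))
"""

if __name__ == "__main__":
    for name, pid, local in exposed_listeners(SAMPLE):
        print(f"EXPOSED {name} (pid {pid}) listening on {local}")
```

Because the advisory says never to use ERemoteServer in production, any ERemoteServer listener on a production unit is worth reviewing even when it is bound to loopback.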

Affected Vendors

PTC

Affected Products (2)

PTC · Axeda agent vers:all/*
PTC · Axeda Desktop Server for Windows vers:all/*

Affected Sectors

Multiple
