ICSA-24-177-02
·
Published 2024-07-02
·
View on CISA ICS-CERT ↗
PTC Creo Elements/Direct License Server (Update A)
CVSS 10.0
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow unauthenticated remote attackers to execute arbitrary OS commands.
CVEs (1)
Remediations
- PTC recommends that users upgrade to Creo Elements/Direct License Server 20.7.0.1 or higher version:
- Creo Elements/Direct Drafting
- Creo Elements/Direct Model/Drawing Mgr
- Creo Elements/Direct Modeling
- Creo Elements/Direct WorkManager
- If additional questions remain, please contact PTC Technical Support.
- For more information, see PTC's CS article
Affected Vendors
PTC
Affected Products (5)
PTC
·
Creo Elements/Direct Drafting
>=15.00|<=20.7
PTC
·
Creo Elements/Direct Model Manager / Drawing Manager
>=15.00|<=20.7
PTC
·
Creo Elements/Direct Modeling
>=15.00|<=20.7
PTC
·
Creo Elements/Direct WorkManager / DDM
>=15.00|<=20.4
PTC
·
Creo Elements/Direct License Server (MEls)
<=20.7.0.0
Affected Sectors
Information Technology
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more