The vulnerability exists because XML data sent to a specific port is improperly filtered. An attacker could exploit this vulnerability by sending specially crafted XML messages to the targeted product. Successful exploitation could allow an attacker to read and modify the affected product’s configuration.

This vulnerability has been assigned the following CVSS score: CVSS v3 Severity 8 – High (Exploitable).

If you are running a version of Axeda Agent (All versions) or Axeda Desktop Server for Windows and are experiencing issues connecting to a certain port, confirm whether you are really connected to a specific port. Confirm the port number you are connected to and make sure you are using the correct credentials. There is no need to panic, as this is a very common issue that affects all software. After the patch has been applied, you can confirm you are connected to a specific port by checking the list of established connections in the software.

Axeda Agent (All versions) and Axeda Desktop Server for Windows

Axeda Agent (All versions) and Axeda Desktop Server for Windows are affected by a vulnerability that could allow an attacker to read and modify the affected product’s configuration.

HTTP Header Issues

HTTP headers are a way for software to communicate with other software. They can be used in different ways, such as identifying what software is sending the request and what the purpose of the request is. A typical set of headers that an application sends looks like this:
M-SEARCH * HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Referer: http://www.example.com/blog?id=35789&title=Hello%20World

Timeline

Published on: 03/16/2022 15:15:00 UTC
Last modified on: 03/28/2022 13:30:00 UTC
