A critical vulnerability (CVE-2024-6071) was discovered in the license server for PTC’s Creo Elements/Direct product, affecting version 20.7.0.0 and earlier. The vulnerability allows unauthenticated remote attackers to execute arbitrary OS commands on the underlying server, exposing it to use as a foothold for lateral movement in industrial organizations. The flaw has been assigned a CVSS score of 10.
A patch is included in version 20.7.0.1 and later of the license server, which is available for products such as Creo Elements/Direct Drafting, Model/Drawing Mgr, Modeling, and WorkManager. PTC has not indicated, nor been made aware, that this vulnerability has been or is being exploited.
The impacted license server is typically not exposed to the internet, requiring an attacker to have access to the targeted organization’s network to exploit the vulnerability. The potential impact depends on where the license server is deployed and the type of access it provides.
PTC was commended for its handling of the vulnerability, conducting analysis, publishing a patch, and issuing an advisory within seven weeks.