CVE-2024-6098 Information

Description

When performing an online tag generation to devices which communicate using the ControlLogix protocol a machine-in-the-middle or a device that is not configured correctly could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service condition and crash the Kepware application. By default these functions are turned off yet they remain accessible for users who recognize and require their advantages.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-11 https://www.ptc.com/en/support/article/CS423892