Forescout’s Vedere Labs, in partnership with CyberMDX, have discovered a set of seven new vulnerabilities affecting PTC’s Axeda agent, which we are collectively calling Access:7. Three of the vulnerabilities were rated critical by CISA, as they could enable hackers to remotely execute malicious code and take full control of devices, access sensitive data or alter configurations in impacted devices.
The Axeda solution enables device manufacturers to remotely access and manage connected devices. The affected agent is most popular in healthcare but is also present in other industries, such as financial services and manufacturing. A detailed list of 150+ potentially affected devices from 100+ vendors highlights the significance of the vulnerabilities. The list contains several medical imaging and laboratory devices.
IoT devices use a wide variety of operating systems, hardware and software. Typically, IoT manufacturers do not allow customers to install software, including security agents, on their devices. In the case of Access:7, PTC depends on IoT manufacturers to install the Axeda agent before their IoT devices are sold to customers in what is typically called an original equipment manufacturer (OEM) approach.
All versions of the Axeda Agent below 6.9.3 are affected, and Axeda has released patches for all the vulnerabilities. More details about the vulnerabilities and their exploitation are available in our technical report.
You may check Forescout's official blog or this technical report for more details.
