OTPulse

PTC Kepware LinkMaster

Plan Patch | CVSS 9.3 | ICS-CERT ICSA-20-352-03 | Dec 17, 2020
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

PTC Kepware LinkMaster versions 3.0.94.0 and earlier contain an improper permissions vulnerability (CWE-276) in the service configuration. A local attacker can overwrite the service configuration to execute arbitrary code with NT SYSTEM privileges. The vulnerability affects the configuration integrity of the service and could allow an attacker to modify or disable data collection and gateway functions. PTC recommends upgrading to Version 3.0.99.

What this means
What could happen
A local attacker could modify the LinkMaster service configuration and execute arbitrary code with system-level privileges, allowing them to compromise the entire control system and potentially alter critical infrastructure operations.
Who's at risk
Water authorities and electric utilities running PTC Kepware LinkMaster for data collection and gateway functions should assess this risk. Any facility using LinkMaster to connect legacy control systems (PLCs, RTUs, SCADA servers) to modern networks is affected, particularly if the server is accessed by system administrators or engineering staff on shared machines.
How it could be exploited
An attacker with local access to the machine running LinkMaster can overwrite the service configuration files. Because the service runs with NT SYSTEM privileges, the attacker gains those same privileges and can execute arbitrary commands that affect any connected industrial processes or devices.
Prerequisites
  • Local access to the LinkMaster system
  • Write access to LinkMaster service configuration directories
  • Knowledge of configuration file format and paths
  • Requires local access only
  • No authentication bypass required
  • Executes with system-level privileges
  • No patch available for older versions
  • Affects system integrity and availability
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product: Kepware LinkMaster
Affected Versions: ≤ 3.0.94.0
Fix Status: 3.0.99
Remediation & Mitigation
Do now
WORKAROUND: Restrict local login access to the LinkMaster server to authorized engineering and operations personnel only
HARDENING: Apply file system permissions (ACLs) to LinkMaster configuration directories to prevent unauthorized modification
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade to PTC Kepware LinkMaster Version 3.0.99 or later
HARDENING: Monitor file changes to LinkMaster configuration directories for unauthorized modifications
Long-term hardening
HARDENING: Segregate the LinkMaster server on a protected network segment with restricted access from user workstations
PTC Kepware LinkMaster | CVSS 9.3 - OTPulse