Lucene search
IcscertCVELIST:CVE-2020-27267HistoryJan 13, 2021 - 11:25 p.m.
CVE-2020-27267
2021-01-1323:25:07
CWE-416
icscert
www.cve.org
KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.
CNA Affected
[
{
"product": "PTC Kepware KEPServerEX",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "v6.0 to v6.9"
}
]
},
{
"product": "ThingWorx Kepware Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "v6.8 and v6.9"
}
]
},
{
"product": "ThingWorx Industrial Connectivity",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OPC-Aggregator",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Rockwell Automation KEPServer Enterprise",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "GE Digital Industrial Gateway Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "v7.68.804"
},
{
"status": "affected",
"version": "v7.66"
}
]
},
{
"product": "Software Toolbox TOP Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All 6.x versions"
}
]
}
]Related
prion
prion
Heap overflow
2021-01-14 00:15:00
nvd
nvd
CVE-2020-27267
2021-01-14 00:15:13
nessus
nessus
Rockwell (CVE-2020-27267) (deprecated)
2022-02-07 00:00:00
Softwaretoolbox Top Out-of-bounds Write
2021-08-10 00:00:00
PTC OPC UA Server Multiple vulnerabilities
2021-05-17 00:00:00
cve
cve
CVE-2020-27267
2021-01-14 00:15:13
ics
ics
PTC Kepware KEPServerEX (Update A)
2021-01-05 12:00:00