96 matches found
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2848
CVE-2022-2848 affects Kepware KEPServerEX 6.11.718.0. A heap-based buffer overflow occurs during handling of text encoding conversions due to improper length validation of user-supplied data, allowing remote code execution in the context of SYSTEM. The vulnerability is network-exploitable with no...
CVE-2022-2825
The CVE-2022-2825 issue affects Kepware KEPServerEX 6.11.718.0, with a stack-based buffer overflow in the handling of text encoding conversions caused by improper validation of the length of user-supplied data. It allows remote attackers to execute arbitrary code with SYSTEM privileges without au...
PTC ThingWorx Edge
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: ThingWorx Edge Vulnerabilities: Improper Validation of Array Index, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
(Pwn2Own) Kepware KEPServerEX Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...
(Pwn2Own) Kepware KEPServerEX Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...
The vulnerabilities of Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-aggregator PTC OPC-Aggregator software are related to buffer overflows in dynamic memory. This allows attackers to gain unauthorized access to protected information or cause service failures.
The vulnerabilities of the Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-agregator PTC OPC-Aggregator software are related to buffer overflows in dynamic memory. Exploiting these vulnerabilities can allow a malicious actor to ga...
The vulnerabilities of Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-aggregator PTC OPC-Aggregator software are related to buffer overflows in the stack. This allows attackers to gain unauthorized access to protected information or cause service failures.
The vulnerabilities of the Kepware OPC-server software, including KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and the OPC-aggregator PTC OPC-Aggregator, are related to buffer overflows in the stack. Exploiting these vulnerabilities can allow ...
PT-2022-4524 · Kepware · Kepserverex
Name of the Vulnerable Software and Affected Versions: Kepware KEPServerEX version 6.11.718.0 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the handling of...
PT-2022-4525 · Ptc +1 · Thingworx Kepware Edge +4
Name of the Vulnerable Software and Affected Versions: Kepware KEPServerEX version 6.11.718.0 ThingWorx Kepware Server affected versions not specified ThingWorx Industrial Connectivity affected versions not specified ThingWorx Kepware Edge affected versions not specified PTC OPC-Aggregator affect...
PTC Kepware KEPServerEX (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
CISA Releases 12 Industrial Control Systems Advisories
CISA has released 12 Industrial Control Systems ICS advisories on August 30, 2022. These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
PTC OPC UA Server Multiple vulnerabilities
Binary data ptcopcuamultivulns.nbin...
CVE-2020-27265
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are...
CVE-2020-27265
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are...