Lucene search
+L

96 matches found

NVD
NVD
added 2023/03/29 7:15 p.m.38 views

CVE-2022-2848

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

9.1CVSS9.5AI score0.03366EPSS
Exploits0References2
NVD
NVD
added 2023/03/29 7:15 p.m.39 views

CVE-2022-2825

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

9.8CVSS9.7AI score0.03402EPSS
Exploits0References2
Prion
Prion
added 2023/03/29 7:15 p.m.25 views

Stack overflow

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

7.5CVSS9.7AI score0.03402EPSS
Exploits0References2Affected Software7
Vulnrichment
Vulnrichment
added 2023/03/29 12:0 a.m.9 views

CVE-2022-2825

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

9.8CVSS7.2AI score0.03402EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.41 views

CVE-2022-2848

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

9.1CVSS9.5AI score0.03366EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.47 views

CVE-2022-2825

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...

9.8CVSS9.8AI score0.03402EPSS
Exploits0References2
CVE
CVE
added 2023/03/29 12:0 a.m.68 views

CVE-2022-2848

CVE-2022-2848 affects Kepware KEPServerEX 6.11.718.0. A heap-based buffer overflow occurs during handling of text encoding conversions due to improper length validation of user-supplied data, allowing remote code execution in the context of SYSTEM. The vulnerability is network-exploitable with no...

9.1CVSS9.4AI score0.03366EPSS
Exploits0References2Affected Software8
CVE
CVE
added 2023/03/29 12:0 a.m.66 views

CVE-2022-2825

The CVE-2022-2825 issue affects Kepware KEPServerEX 6.11.718.0, with a stack-based buffer overflow in the handling of text encoding conversions caused by improper validation of the length of user-supplied data. It allows remote attackers to execute arbitrary code with SYSTEM privileges without au...

9.8CVSS9.6AI score0.03402EPSS
Exploits0References2Affected Software8
ICS
ICS
added 2023/02/27 8:46 p.m.62 views

PTC ThingWorx Edge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: ThingWorx Edge Vulnerabilities: Improper Validation of Array Index, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

9.8CVSS10AI score0.11784EPSS
Exploits2References5
Zero Day Initiative
Zero Day Initiative
added 2022/10/21 12:0 a.m.56 views

(Pwn2Own) Kepware KEPServerEX Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...

9.8CVSS5.9AI score0.03402EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/10/21 12:0 a.m.39 views

(Pwn2Own) Kepware KEPServerEX Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...

9.1CVSS5.9AI score0.03366EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.7 views

The vulnerabilities of Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-aggregator PTC OPC-Aggregator software are related to buffer overflows in dynamic memory. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerabilities of the Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-agregator PTC OPC-Aggregator software are related to buffer overflows in dynamic memory. Exploiting these vulnerabilities can allow a malicious actor to ga...

10CVSS8AI score0.03366EPSS
Exploits0References3Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.9 views

The vulnerabilities of Kepware KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and OPC-aggregator PTC OPC-Aggregator software are related to buffer overflows in the stack. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerabilities of the Kepware OPC-server software, including KEPServerEX, ThingWorkx Kepware Server, ThingWorx Industrial Connectivity, ThingWorx Kepware Edge, and the OPC-aggregator PTC OPC-Aggregator, are related to buffer overflows in the stack. Exploiting these vulnerabilities can allow ...

10CVSS8.1AI score0.03402EPSS
Exploits0References3Affected Software7
Positive Technologies
Positive Technologies
added 2022/08/30 12:0 a.m.9 views

PT-2022-4524 · Kepware · Kepserverex

Name of the Vulnerable Software and Affected Versions: Kepware KEPServerEX version 6.11.718.0 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the handling of...

9.1CVSS7.8AI score0.03366EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/08/30 12:0 a.m.9 views

PT-2022-4525 · Ptc +1 · Thingworx Kepware Edge +4

Name of the Vulnerable Software and Affected Versions: Kepware KEPServerEX version 6.11.718.0 ThingWorx Kepware Server affected versions not specified ThingWorx Industrial Connectivity affected versions not specified ThingWorx Kepware Edge affected versions not specified PTC OPC-Aggregator affect...

10CVSS8.1AI score0.03402EPSS
Exploits0References7
ICS
ICS
added 2022/08/30 12:0 a.m.133 views

PTC Kepware KEPServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

10AI score
Exploits0References5
CISA
CISA
added 2022/08/29 12:0 a.m.21 views

CISA Releases 12 Industrial Control Systems Advisories

CISA has released 12 Industrial Control Systems ICS advisories on August 30, 2022. These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Exploits0References12
Tenable Nessus
Tenable Nessus
added 2021/05/17 12:0 a.m.39 views

PTC OPC UA Server Multiple vulnerabilities

Binary data ptcopcuamultivulns.nbin...

9.8CVSS9.3AI score0.10062EPSS
Exploits0References6
OSV
OSV
added 2021/01/14 12:15 a.m.3 views

CVE-2020-27265

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are...

9.8CVSS7.8AI score0.10062EPSS
Exploits0References1
NVD
NVD
added 2021/01/14 12:15 a.m.28 views

CVE-2020-27265

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are...

9.8CVSS9.6AI score0.10062EPSS
Exploits0References1
Rows per page
Query Builder