Kepware Security Vulnerabilities
PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a.....
7.5CVSS
7.3AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack....
9.1CVSS
9.4AI Score
0.003EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack....
9.8CVSS
9.6AI Score
0.004EPSS
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service...
6.9AI Score
0.002EPSS
A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In its default configuration, an attacker can globally overwrite service configuration to execute arbitrary code with NT SYSTEM...
7.8CVSS
8AI Score
0.001EPSS