VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
PTC
> Thingworx Kepware Edge
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-11-30
CVE-2023-5908
Classic Buffer Overflow vulnerability in multiple products
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
network
low complexity
ptc
softwaretoolbox
ge
rockwellautomation
CWE-120
critical
9.1
9.1
2023-11-30
CVE-2023-5909
Improper Certificate Validation vulnerability in multiple products
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
network
low complexity
ptc
softwaretoolbox
ge
rockwellautomation
CWE-295
7.5
7.5
2023-03-29
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0.
network
low complexity
ptc
softwaretoolbox
rockwellautomation
ge
critical
9.8
9.8
2023-03-29
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0.
network
low complexity
ptc
softwaretoolbox
rockwellautomation
ge
critical
9.1
9.1
2023-02-23
CVE-2023-0754
The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code.
network
low complexity
rockwellautomation
ptc
ge
critical
9.8
9.8
2023-02-23
CVE-2023-0755
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.
network
low complexity
ptc
rockwellautomation
ge
critical
9.8
9.8