Vulnerabilities > PTC > Thingworx Kepware Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-5908 Classic Buffer Overflow vulnerability in multiple products
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
network
low complexity
ptc softwaretoolbox ge rockwellautomation CWE-120
critical
 9.1
9.1
2023-03-29 CVE-2022-2848 Heap-based Buffer Overflow vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0.
network
low complexity
ptc softwaretoolbox rockwellautomation ge CWE-122
critical
 9.1
9.1
2023-03-29 CVE-2022-2825 Stack-based Buffer Overflow vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0.
network
low complexity
ptc softwaretoolbox rockwellautomation ge CWE-121
critical
 9.8
9.8