Skip to main content

Kepserver Enterprise

4 CVEs product

Monthly

CVE-2023-5909 HIGH This Week

KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Industrial Gateway Server Keepserverex Opc Aggregator Thingworx Industrial Connectivity +4
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-5908 CRITICAL Act Now

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Industrial Gateway Server Keepserverex Opc Aggregator +5
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2023-0755 CRITICAL Act Now

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Digital Industrial Gateway Server Kepware Server Kepware Serverex Thingworx Net Sdk +5
NVD
CVSS 3.1
9.8
EPSS
11.8%
CVE-2023-0754 CRITICAL Act Now

The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Digital Industrial Gateway Server Kepware Server Kepware Serverex +6
NVD
CVSS 3.1
9.8
EPSS
2.9%
EPSS 0% CVSS 7.5
HIGH This Week

KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Industrial Gateway Server Keepserverex +6
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Industrial Gateway Server +7
NVD
EPSS 12% CVSS 9.8
CRITICAL Act Now

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Digital Industrial Gateway Server Kepware Server +7
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Digital Industrial Gateway Server +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy