cbcvebase.
CVE-2023-5908
published 2023-11-30

CVE-2023-5908: KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.

Priority: P345
CVSS 3.1: 9.1 (critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.96% (57.2th percentile)

Affected

12 ranges
| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| ge | industrial_gateway_server | <= 7.614 | |
| ge_gigital | industrial_gateway_server | <= 7.614 | |
| ptc | keepserverex | <= 6.14.263.0 | |
| ptc | kepserverex | <= 6.14.263.0 | |
| ptc | opc-aggregator | <= 6.14 | |
| ptc | thingworx_industrial_connectivity | | |
| ptc | thingworx_kepware_edge | <= 1.7 | |
| ptc | thingworx_kepware_server | <= 6.14.263.0 | |
| rockwell_automation | kepserver_enterprise | <= 6.14.263.0 | |
| rockwellautomation | kepserver_enterprise | <= 6.14.263.0 | |
| software_toolbox | top_server | <= 6.14.263.0 | |
| softwaretoolbox | top_server | <= 6.14.263.0 | |