CVE-2023-5908
Published: 2023-11-30
CVE-2023-5908: KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
Priority: P345 | critical | 9.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.96% (57.2th percentile)
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | industrial_gateway_server | <= 7.614 | — |
| ge_gigital | industrial_gateway_server | <= 7.614 | — |
| ptc | keepserverex | <= 6.14.263.0 | — |
| ptc | kepserverex | <= 6.14.263.0 | — |
| ptc | opc-aggregator | <= 6.14 | — |
| ptc | thingworx_industrial_connectivity | — | — |
| ptc | thingworx_kepware_edge | <= 1.7 | — |
| ptc | thingworx_kepware_server | <= 6.14.263.0 | — |
| rockwell_automation | kepserver_enterprise | <= 6.14.263.0 | — |
| rockwellautomation | kepserver_enterprise | <= 6.14.263.0 | — |
| software_toolbox | top_server | <= 6.14.263.0 | — |
| softwaretoolbox | top_server | <= 6.14.263.0 | — |
CISA ICS
PTC KEPServerEx
cisa_ics·2023-11-30·CVSS 9.1
[CRITICAL] PTC KEPServerEx
ICS Advisory
## PTC KEPServerEx
Release Date: November 30, 2023
Alert Code: ICSA-23-334-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: PTC
- Equipment: KEPServerEX, ThingWorx, OPC-Aggregator
- Vulnerabilities: Heap-based Buffer Overflow, Improper Validation of Certificate with Host Mismatch
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain Windows SYSTEM-level code execution on the service host and may cause the product to crash, leak sensitive information, or connect to the product without proper authentication.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following PTC Kepware products are affected:
- KEPServerEX: v6.14.263.
GHSA
GHSA-m695-35xv-pjcm: KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information
ghsa_unreviewed·2023-12-01
CVE-2023-5908 [CRITICAL] CWE-120 GHSA-m695-35xv-pjcm: KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-11-30