Ptc Kepware Kepserverex — known CVE vulnerabilities
Every CVE whose affected-product data names Ptc Kepware Kepserverex, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2022-2825 — CVSS 9.8 (critical): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0…
CVE-2020-27265 — CVSS 9.8 (critical): KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All…
CVE-2022-2848 — CVSS 9.1 (critical): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0…
CVE-2020-27263 — CVSS 9.1 (critical): KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All…
CVE-2020-27267 — CVSS 9.1 (critical): KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all…
CVE-2023-29445 — CVSS 7.8 (high): An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to…
CVE-2023-29444 — CVSS 6.3 (medium): An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to…
CVE-2023-29447 — CVSS 5.7 (medium): An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server…
CVE-2023-29446 — CVSS 4.7 (medium): An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project…