Ptc Thingworx Kepware Edge — known CVE vulnerabilities
Every CVE whose affected-product data names Ptc Thingworx Kepware Edge, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-2825 — CVSS 9.8 (critical): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0…
CVE-2023-0754 — CVSS 9.8 (critical): The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely…
CVE-2023-0755 — CVSS 9.8 (critical): The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and…
CVE-2022-2848 — CVSS 9.1 (critical): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0…
CVE-2023-5908 — CVSS 9.1 (critical): KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
CVE-2023-5909 — CVSS 7.5 (high): KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.