Article - CS375312

Security vulnerability identified in Kepware KEPServerEX

Modified: 30-Aug-2022   


Applies To

  • KEPServerEX 5.20.396.0 to 6.11
  • ThingWorx Kepware Server 8.0 to 6.11
  • ThingWorx Kepware Edge 1.0 to 1.4
Applies To
The following products are affected by the vulnerabilities found in Kepware KEPServerEX, a connectivity platform:
  • Kepware KEPServerEX v6.11 or lower
  • ThingWorx Kepware Server: v6.11 or lower
  • ThingWorx Industrial Connectivity: All versions
  • OPC-Aggregator: v6.11 or lower
  • ThingWorx Kepware Edge v1.4 or lower
The following products also may have a vulnerable component:
  • Rockwell Automation KEPServer Enterprise: v6.11 or lower
  • GE Digital Industrial Gateway Server: v7.611 or lower
  • Software Toolbox TOP Server: v6.11 or lower

Description

  • CISA Advisoryhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-242-10
  • CVSS 3.1 Score: 9.1 Critical
  • CVSS 3.1 Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • CWE: heap-based buffer overflow CWE-122
  • Specifically crafted OPC UA messages transmitted to the server could allow an attacker to crash the server and potentially leak data
  • Common Vulnerabilities and Exposures: CVE-2022-2848 has been assigned to this vulnerability
  • Researcher Attribution: Vera Mens, Uri Katz, Sharon Brizinov of Claroty Research working with Trend Micro’s Zero Day Initiative
  • CVSS 3.1 Score: 9.8 Critical
  • CVSS 3.1 Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CWE: stack-based buffer overflow CWE-121
  • Specifically crafted OPC UA messages transmitted to the server could allow an attacker to crash the server and remotely execute code
  • Common Vulnerabilities and Exposures: CVE-2022-2825 has been assigned to this vulnerability
  • Researcher Attribution: Vera Mens, Uri Katz, Sharon Brizinov of Claroty Research working with Trend Micro’s Zero Day Initiative 
This is a PDF version of Article CS375312 and may be out of date. For the latest version click https://www.ptc.com/en/support/article/CS375312