
This updated advisory is a follow-up to the original advisory titled ICSA-20-352-02 PTC Kepware KEPServerEX that was published December 17, 2020, on the ICS webpage on.

Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.

The following products are affected by the vulnerabilities found in Kepware KEPServerEX, a connectivity platform:

- ThingWorx Kepware Server: v6.8 and v6.9
- ThingWorx Industrial Connectivity: All versions

The following products may have a vulnerable component:

- Rockwell Automation KEPServer Enterprise: v6.6.504.0 and v6.9.572.0
- GE Digital Industrial Gateway Server: v7.68.804 and v7.66
- Software Toolbox TOP Server: All 6.x versions

End Update A Part 1 of 2

4.2 VULNERABILITY OVERVIEW

4.2.1 STACK-BASED BUFFER OVERFLOW CWE-121

The affected products are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.

CVE-2020-27265 has been assigned to this vulnerability.
