Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
多款 Kepware 产品缓冲区错误漏洞
Vulnerability Description
Kepware Kepserverex是美国Kepware公司的一个可与多种工业设备进行通讯的应用软件。该软件支持150多个通讯协议,支持通过单个平台为企业提供可靠实时的数据。 多款Kepware产品存在缓冲区错误漏洞,该漏洞源于受影响的产品容易发生基于堆栈的缓冲区溢出。打开一个特别设计的OPC UA消息可能允许攻击者可利用该漏洞使服务器崩溃并远程执行代码。以下产品及版本受到影响:KEPServerEX: v6.0到v6.9,ThingWorx Kepware Server: v6.8和v6.9,Thin
CVSS Information
N/A
Vulnerability Type
N/A