KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
2023-11-30T22:15:10.163
2024-11-21T08:42:45.260
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ge | industrial_gateway_server | ≤ 7.614 | Yes |
| Application | ptc | keepserverex | ≤ 6.14.263.0 | Yes |
| Application | ptc | opc-aggregator | ≤ 6.14 | Yes |
| Application | ptc | thingworx_industrial_connectivity | - | Yes |
| Application | ptc | thingworx_kepware_edge | ≤ 1.7 | Yes |
| Application | ptc | thingworx_kepware_server | ≤ 6.14.263.0 | Yes |
| Application | rockwellautomation | kepserver_enterprise | ≤ 6.14.263.0 | Yes |
| Application | softwaretoolbox | top_server | ≤ 6.14.263.0 | Yes |