← Back to home
ICSA-13-226-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Kepware Technologies Improper Input Validation Vulnerability

CVSS 7.8 HIGH

CVEs (1)

Remediations

  • Kepware Technologies has produced a new version of the software, V5.12.140.0, which resolves the vulnerability. Information about the new version is available at the Kepware support site (login required): (https://my.kepware.com/mykepware/Login.aspx)
  • The researchers suggest the following mitigations: Block DNP3 traffic from traversing onto business or corporate networks through the use of an IPS or firewall with DPN3-specific rule sets.

Affected Vendors

Kepware Technologies

Affected Products (1)

Kepware Technologies · DNP Master Driver for the KEPServerEX Communicaitons Platform v5.11.250.0

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more