ICSA-20-352-02  ·  Published 2021-01-05

PTC Kepware KEPServerEX (Update A)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could lead to a server crashing, a denial-of-service condition, data leakage, or remote code execution.

Remediations

PTC has released updates for the following products and recommends that users upgrade to the most current supported version:

  • KEPServerEX Version 6.6 should upgrade to Version 6.6.362.0
  • KEPServerEX Version 6.7 should upgrade to Version 6.7.1067.0
  • KEPServerEX Version 6.8 should upgrade to Version 6.8.838.0
  • KEPServerEX Version 6.9 should upgrade to Version 6.9.584.0
  • ThingWorx Kepware Server Version 6.8 should upgrade to Version 6.8.839.0
  • ThingWorx Kepware Server Version 6.9 should upgrade to Version 6.9.584.0
  • ThingWorx Industrial Connectivity Version 8.4 should upgrade to Version 8.4 (6.6.362.0)
  • ThingWorx Industrial Connectivity Version 8.5 should upgrade to Version 8.5 (6.7.1068.0)
  • OPC-Aggregator Version 6.9 should upgrade to Version 6.9.584.0
  • Rockwell Automation KEPServer Enterprise Version 6.6 should upgrade to Version 6.6.550.0
  • Rockwell Automation KEPServer Enterprise Version 6.9 should upgrade to Version 6.9.584.0
  • Rockwell recommends users upgrade to the most current version available, depending on the base version of the affected product they are using.
  • GE Digital Industrial Gateway Server Versions 7.68.804 and 7.66 should update to Version 7.68.839.0
  • The GE Digital Security Advisory GED 20-05 can be accessed on the GE Digital Security Advisories Customer Center webpage.
  • Software Toolbox TOP Server Version 6.7 should upgrade to Version 6.7.1068.0
  • Software Toolbox TOP Server Version 6.8 should upgrade to Version 6.8.840.0
  • Software Toolbox TOP Server Version 6.9 should upgrade to Version 6.9.584.0
  • Software Toolbox has released updates and recommends users update their installations.

Affected Vendors

PTC

Affected Products (7)

PTC · ThingWorx Kepware Server 6.8 | 6.9
PTC · Rockwell Automation KEPServer Enterprise 6.6.504.0 | 6.9.572.0
PTC · GE Digital Industrial Gateway Server 7.68.804 | 7.66
PTC · KEPServerEX >= 6.0 | <= 6.9
PTC · ThingWorx Industrial Connectivity (all versions)
PTC · Software Toolbox TOP Server 6.x
PTC · OPC-Aggregator (all versions)

Affected Sectors

Critical Manufacturing
