CVE-2022-2825

CRITICAL

Kepware KEPServerEX - Stack Buffer Overflow Remote Code Execution

Title source: manual

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-18411.

References (2)

Core 2

Core References

Third Party Advisory, US Government Resource

https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-10

Third Party Advisory, VDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-22-1455/

Scores

CVSS v3 9.8

EPSS 0.0128

EPSS Percentile 79.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-121

Status published

Products (8)

ge/industrial_gateway_server < 7.612

ptc/kepware_kepserverex < 6.12

ptc/opc-aggregator < 6.12

ptc/thingworx_industrial_connectivity

ptc/thingworx_kepware_edge < 1.4

ptc/thingworx_kepware_server < 6.12

rockwellautomation/kepserver_enterprise < 6.12

softwaretoolbox/top_server < 6.12

Published Mar 29, 2023

Tracked Since Feb 18, 2026