PTC Kepware KEPServerEX (Update A)

Published

2021-01-05 15:20:30 UTC

Summary

This updated advisory is a follow-up to the original advisory titled ICSA-20-352-02 PTC Kepware KEPServerEX that was published December 17, 2020, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for a Stack-based Buffer Overflow, a Heap-based Buffer Overflow, and a Use After Free vulnerabilities in the PTC Kepware KEPServerEX connectivity platform.