[Control systems] PTC security advisory (AV22-486)

Number: AV22-486
Date: 30 August 2022

On 30 August 2022 ICS-CERT published an ICS Advisory to highlight vulnerabilities in the following products

  • Kepware KEPServerEX – versions prior to 6.12
  • ThingWorkx Kepware Server – versions prior to 6.12
  • ThingWorkx Industrial Connectivity – all versions
  • OPC-Aggregator – versions prior to 6.12
  • ThingWorkx Kepware Edge – version 1.4 and prior
  • Rockwell Automation KEPServer Enterprise – versions prior to v6.12
  • GE Digital Industrial Gateway Server – versions prior to v7.612
  • Software Toolbox TOP Server – versions prior to v6.12

Exploitation of these vulnerabilities could result in denial of service and remote code execution.

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: