[Control systems] PTC Security Advisory (AV23-112)

From: Canadian Centre for Cyber Security

Serial number: AV23-112
Date: February 23, 2023

On February 23, 2023, ICS-CERT published an ICS Advisory to address vulnerabilities in the following products:

  • ThingWorx Edge C-SDK – version 2.2.12.1052 and prior
  • .NET-SDK – version 5.8.4.971 and prior
  • ThingWorx Edge MicroServer (EMS) – version 5.4.10.0 and prior
  • Kepware KEPServerEX – version 6.12 and prior
  • ThingWorx Kepware Server – version 6.12 and prior
  • ThingWorx Industrial Connectivity – all versions
  • ThingWorx Kepware Edge – version 1.5 and prior
  • Rockwell Automation KEPServer Enterprise – version 6.12 and prior
  • GE Digital Industrial Gateway Server – version 7.612 and prior

Exploitation of these vulnerabilities could result in denial of service and remote code execution.

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: