Vulnerabilities > CVE-2022-2334 - Unspecified vulnerability in Softing products

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

softing

NVD

Published: 2022-08-17

Updated: 2024-11-21

Summary

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.

Vulnerable Configurations

Part	Description	Count
Application	Softing Softing Edgeaggregator 3.1 Softing Secure Integration Server 1.22 Softing Edgeconnector 3.1 Softing OPC 5.2 Softing OPC UA C++ Software Development KIT 6 Softing Uagates 1.74	6

References

https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04