Vulnerabilities > CVE-2022-39823 - Use After Free vulnerability in Softing OPC and OPC UA C++ Software Development KIT

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

softing

CWE-416

NVD

Published: 2022-10-20

Updated: 2022-10-25

Summary

An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error

Vulnerable Configurations

Part	Description	Count
Application	Softing Softing OPC * Softing OPC UA C++ Software Development KIT 5.70.0 Softing OPC UA C++ Software Development KIT 6	3

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://www.softing.com
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html