Vulnerabilities > Softing > OPC

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-41151 Improper Handling of Exceptional Conditions vulnerability in Softing OPC and OPC UA C++ Software Development KIT
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
network
low complexity
softing CWE-755
7.5
7.5
2023-12-05 CVE-2023-37572 Incorrect Default Permissions vulnerability in Softing OPC
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service.
network
low complexity
softing CWE-276
7.5
7.5
2022-10-20 CVE-2022-37453 Out-of-bounds Write vulnerability in Softing products
An issue was discovered in Softing OPC UA C++ SDK before 6.10.
network
low complexity
softing CWE-787
7.5
7.5
2022-10-20 CVE-2022-39823 Use After Free vulnerability in Softing OPC and OPC UA C++ Software Development KIT
An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10.
network
low complexity
softing CWE-416
7.5
7.5
2022-08-17 CVE-2022-1373 Path Traversal vulnerability in Softing products
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files.
network
low complexity
softing CWE-22
7.2
7.2
2021-11-10 CVE-2021-40871 Type Confusion vulnerability in Softing products
An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66.
network
low complexity
softing CWE-843
5.0
5.0
2021-11-10 CVE-2021-40873 Double Free vulnerability in Softing products
An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40.
network
low complexity
softing CWE-415
5.0
5.0
2020-08-25 CVE-2020-14524 Out-of-bounds Write vulnerability in Softing OPC
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
softing CWE-787
7.5
7.5
2020-08-25 CVE-2020-14522 Resource Exhaustion vulnerability in Softing OPC
Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition.
network
low complexity
softing CWE-400
5.0
5.0