Vulnerabilities > Softing > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-19 | CVE-2023-38126 | Path Traversal vulnerability in Softing Edgeaggregator 3.4.0 Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. | 7.2 |
| 2023-12-14 | CVE-2023-41151 | Improper Handling of Exceptional Conditions vulnerability in Softing OPC and OPC UA C++ Software Development KIT An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. | 7.5 |
| 2023-12-05 | CVE-2023-37572 | Incorrect Default Permissions vulnerability in Softing OPC Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. | 7.5 |
| 2023-11-06 | CVE-2022-48193 | Inadequate Encryption Strength vulnerability in Softing Smartlink Sw-Ht Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). | 7.5 |
| 2023-01-26 | CVE-2022-44018 | NULL Pointer Dereference vulnerability in Softing Uatoolkit Embedded 1.31/1.40 In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application. | 7.5 |
| 2023-01-26 | CVE-2022-45920 | Memory Leak vulnerability in Softing Uatoolkit Embedded 1.31/1.40 In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak. | 7.5 |
| 2022-10-20 | CVE-2022-37453 | Out-of-bounds Write vulnerability in Softing products An issue was discovered in Softing OPC UA C++ SDK before 6.10. | 7.5 |
| 2022-10-20 | CVE-2022-39823 | Use After Free vulnerability in Softing OPC and OPC UA C++ Software Development KIT An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. | 7.5 |
| 2022-08-17 | CVE-2022-1373 | Path Traversal vulnerability in Softing products The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. | 7.2 |
| 2020-08-25 | CVE-2020-14524 | Out-of-bounds Write vulnerability in Softing OPC Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | 7.5 |