The vulnerability lies in the implementation of OPC UA software methods for connection integration with the Softing OPC UA C++ SDK, as well as the Secure Integration Server data integration tool. This allows attackers to execute arbitrary code.
The vulnerability of the implementation of OPC UA software for connectivity integration with Softing OPC UA C++ SDK lies in the incorrect path name limitation for accessing the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...