CVE-2021-42262

Softing OPC UA C++ SDK prior to 5.70 is affected by an out-of-memory crash triggered by an invalid XML element in the type dictionary, causing the OPC UA client to crash. The issue is due to a malformed XML element in the type dictionary. Impact stated in the sources is availability-related (cras...

CVE-2021-42577

CVE-2021-42577 affects Softing OPC UA C++ SDK prior to version 5.70. The vulnerability arises from a malformed OPC/UA message abort packet that causes the client to crash due to a NULL pointer dereference. Reported in CVE entries and corroborated by multiple sources, including NVD, which lists th...

CVE-2021-40873

The CVE-2021-40873 issue affects Softing Industrial Automation’s OPC UA C++ SDK (pre-5.66) and uaToolkit Embedded (pre-1.40). The vulnerability is a remote-triggered denial of service due to a double-free error that can cause the server process to crash and require restart. Exploitation is descri...

CVE-2021-40871

CVE-2021-40871 affects Softing Industrial Automation’s OPC UA C++ SDK prior to 5.66. Remote attackers can trigger a denial of service by sending crafted messages to an OPC UA client. The vulnerability causes the client process to crash due to an incorrect type cast, requiring a restart. The issue...