Lucene search
+L

4 matches found

CVE
CVE
added 2024/05/03 2:10 a.m.62 views

CVE-2023-39482

The CVE-2023-39482 entry concerns Softing Secure Integration Server. The issue is located in the libopcuaclient.so component and stems from hardcoded cryptographic keys, enabling a remote attacker to disclose stored credentials and potentially facilitate further compromise. According to the provi...

6.5CVSS4.8AI score0.0111EPSS
CVE
CVE
added 2024/05/03 1:55 a.m.60 views

CVE-2023-27334

CVE-2023-27334 concerns the Softing edgeConnector Siemens product. The flaw exists in the handling of OPC UA ConditionRefresh requests, allowing remote attackers to exhaust server resources by sending a large number of requests, resulting in a denial-of-service condition. Authentication is not re...

7.5CVSS7.5AI score0.0137EPSS
CVE
CVE
added 2024/05/03 1:55 a.m.60 views

CVE-2023-27336

CVE-2023-27336 affects Softing edgeConnector Siemens OPC UA Server via a NULL pointer dereference in the handling of OPC client certificates. This unauthenticated, network-exploitable vulnerability can cause a denial-of-service condition on affected installations. The documented impact is limited...

7.5CVSS7.4AI score0.00754EPSS
CVE
CVE
added 2024/05/03 1:59 a.m.54 views

CVE-2023-38125

CVE-2023-38125 affects Softing edgeAggregator. The root cause is a misconfigured web server that lacks appropriate Content Security Policy headers, enabling a permissive cross-domain policy with untrusted domains. This can allow remote attackers to trigger remote code execution in the context of ...

8.8CVSS8AI score0.01063EPSS