Lucene search
K

5 matches found

CVE
CVE
added 2020/08/25 1:36 p.m.72 views

CVE-2020-14524

CVE-2020-14524 affects Softing Industrial Automation OPC: all versions prior to the latest build of 4.47.0 are vulnerable to a heap-based buffer overflow (CWE-122) that may allow remote code execution. CVSS v3 base score 9.8 (CRITICAL) with NETWORK attack vector, no privileges, no user interactio...

9.8CVSS9.8AI score0.02515EPSS
CVE
CVE
added 2021/11/10 10:48 p.m.52 views

CVE-2021-40873

The CVE-2021-40873 issue affects Softing Industrial Automation’s OPC UA C++ SDK (pre-5.66) and uaToolkit Embedded (pre-1.40). The vulnerability is a remote-triggered denial of service due to a double-free error that can cause the server process to crash and require restart. Exploitation is descri...

7.5CVSS7.4AI score0.01267EPSS
CVE
CVE
added 2021/11/10 10:43 p.m.48 views

CVE-2021-40871

CVE-2021-40871 affects Softing Industrial Automation’s OPC UA C++ SDK prior to 5.66. Remote attackers can trigger a denial of service by sending crafted messages to an OPC UA client. The vulnerability causes the client process to crash due to an incorrect type cast, requiring a restart. The issue...

7.5CVSS7.4AI score0.01267EPSS
CVE
CVE
added 2023/12/05 12:0 a.m.46 views

CVE-2023-37572

Softing OPC Suite prior to 5.25 contains an Incorrect Access Control flaw in OSF_discovery service. Weak permissions could allow an attacker to read sensitive information and modify or delete the service executable. CVSSv3.1 base score 7.5 (HIGH) with network attack vector, low complexity, no pri...

7.5CVSS7.3AI score0.00593EPSS
CVE
CVE
added 2020/08/25 1:35 p.m.36 views

CVE-2020-14522

CVE-2020-14522 affects Softing Industrial Automation OPC products: all versions prior to the latest build of 4.47.0 are vulnerable to uncontrolled resource consumption that can lead to a denial-of-service. Affected component is OPC servers/services; root cause described as uncontrolled resource c...

7.5CVSS7.6AI score0.01485EPSS