Secure Integration Server Security Vulnerabilities and Issues — Secure Integration Server CVE List

Lucene search

SoftingSecure Integration Server

12 matches found

CVE•added 2022/03/11 11:15 p.m.•73 views

CVE-2021-42577

An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.

7.5CVSS7.4AI score0.00409EPSS

CVE•added 2022/08/17 9:15 p.m.•61 views

CVE-2022-2335

A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.

7.5CVSS7.6AI score0.00257EPSS

CVE•added 2022/08/17 9:15 p.m.•58 views

CVE-2022-2334

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.

7.2CVSS7.4AI score0.60612EPSS

CVE•added 2022/10/20 9:15 p.m.•57 views

CVE-2022-37453

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.

7.5CVSS7.7AI score0.0019EPSS

CVE•added 2022/08/17 9:15 p.m.•54 views

CVE-2022-1373

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file c...

7.2CVSS7.2AI score0.69302EPSS

CVE•added 2022/08/17 9:15 p.m.•53 views

CVE-2022-2337

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22.

7.5CVSS7.6AI score0.00279EPSS

CVE•added 2022/08/17 9:15 p.m.•52 views

CVE-2022-2547

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.

7.5CVSS7.6AI score0.00842EPSS

CVE•added 2022/08/17 9:15 p.m.•47 views

CVE-2022-1748

Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.

7.5CVSS7.6AI score0.00401EPSS

CVE•added 2022/08/17 9:15 p.m.•46 views

CVE-2022-1069

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.

7.5CVSS7.6AI score0.00352EPSS

CVE•added 2021/11/10 11:15 p.m.•35 views

CVE-2021-40873

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and mus...

7.5CVSS7.4AI score0.00628EPSS

CVE•added 2021/11/10 11:15 p.m.•34 views

CVE-2021-40871

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted.

7.5CVSS7.4AI score0.00628EPSS

CVE•added 2023/12/14 7:15 p.m.•23 views

CVE-2023-41151

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.

7.5CVSS7.5AI score0.00342EPSS