Softing Secure Integration Server vulnerabilities
24 known vulnerabilities affecting softing/secure_integration_server.
Total CVEs
24
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH18MEDIUM4
Vulnerabilities
Page 2 of 2
CVE-2023-41151P4HIGHCVSS 7.5≤ 1.222023-12-14
CVE-2023-41151 [HIGH] CWE-755 CVE-2023-41151: An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating s
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
nvd
CVE-2021-42577P4HIGHCVSS 7.5≤ 1.222022-03-11
CVE-2021-42577 [HIGH] CWE-476 CVE-2021-42577: An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort pack
An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.
nvd
CVE-2021-42262P4MEDIUMCVSS 6.5≤ 1.222022-03-11
CVE-2021-42262 [MEDIUM] CWE-119 CVE-2021-42262: An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type di
An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
nvd
CVE-2022-2338P4MEDIUMCVSS 5.3v1.22vV1.222022-08-17
CVE-2022-2338 [MEDIUM] CWE-319 CVE-2022-2338: Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
nvd
← Previous2 / 2