HIGH🇬🇧 English

CVE-2023-37572

CVSS 7.5v3.1pub. 2023-12-05upd. 2024-11-21

Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Softing Opc

    APP
    Softing
    < 5.30
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-2336CRITICAL9.8ten sam produkt

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administr...

CVE-2020-14524CRITICAL9.8ten sam produkt

Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product i...

CVE-2023-41151HIGH7.5ten sam produkt

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may ...

CVE-2022-39823HIGH7.5ten sam produkt

An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request excee...

CVE-2022-37453HIGH7.5ten sam produkt

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happe...