Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    96 vulnerabilities by Softing

    CVE-2023-7339 (GCVE-0-2023-7339)

    Vulnerability from nvd – Published: 2026-03-27 10:53 – Updated: 2026-03-27 12:21
    VLAI
    Title
    Data collection for dowloading leads into buffer overflow
    Summary
    Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. This issue affects pnGate: through 1.30 epGate: through 1.30 mbGate: through 1.30 smartLink HW-DP: through 1.30 smartLink HW-PN: through 1.01.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Softing pnGate Affected: 0 , ≤ 1.30 (custom)
    Unaffected: 1.34 (custom)
    Create a notification for this product.
    Softing epGate Affected: 0 , ≤ 1.30 (custom)
    Create a notification for this product.
    Softing mbGate Affected: 0 , ≤ 1.30 (custom)
    Create a notification for this product.
    Softing smartLink HW-DP Affected: 0 , ≤ 1.30 (custom)
    Unaffected: 1.31 (custom)
    Create a notification for this product.
    Softing smartLink HW-PN Affected: 0 , ≤ 1.01 (custom)
    Unaffected: 1.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-7339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T12:21:13.590182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T12:21:25.031Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "broken-link"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.html"
              },
              {
                "tags": [
                  "broken-link"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.json"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "pnGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.34",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "epGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "mbGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "smartLink HW-DP",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.31",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "smartLink HW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:pngate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:pngate:1.34:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:epgate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:mbgate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:1.31:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.01",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:1.02:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eStack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers.\u003cbr\u003eThis issue affects\u003cbr\u003epnGate: through 1.30\u003cbr\u003eepGate: through 1.30\u003cbr\u003embGate: through 1.30\u003cbr\u003esmartLink HW-DP: through 1.30\u003cbr\u003esmartLink HW-PN: through 1.01.\u003c/p\u003e"
                }
              ],
              "value": "Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers.\nThis issue affects\npnGate: through 1.30\nepGate: through 1.30\nmbGate: through 1.30\nsmartLink HW-DP: through 1.30\nsmartLink HW-PN: through 1.01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T10:53:07.778Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "tags": [
                "x_html"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.html"
            },
            {
              "tags": [
                "x_json"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003epnGate: fixed with 1.34\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "pnGate: fixed with 1.34"
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "smartLink HW-DP: fixed with 1.31\u003cbr\u003esmartLink HW-PN: fixed with 1.02"
                }
              ],
              "value": "smartLink HW-DP: fixed with 1.31\nsmartLink HW-PN: fixed with 1.02"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Data collection for dowloading leads into buffer overflow",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2023-7339",
        "datePublished": "2026-03-27T10:53:07.778Z",
        "dateReserved": "2026-03-27T10:08:58.402Z",
        "dateUpdated": "2026-03-27T12:21:25.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-14028 (GCVE-0-2024-14028)

    Vulnerability from nvd – Published: 2026-03-27 05:53 – Updated: 2026-03-27 13:45
    VLAI
    Title
    Multiple implicit reads in parallel can result in a crash or denial of service
    Summary
    Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink HW-DP Affected: 0 , ≤ 1.31 (custom)
    Unaffected: 1.32 (custom)
    Create a notification for this product.
    Softing smartLink HW-PN Affected: 0 , < 1.02 (custom)
    Unaffected: 1.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-14028",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T13:39:03.488317Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T13:45:30.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "webserver"
              ],
              "product": "smartLink HW-DP",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.31",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.32",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "webserver"
              ],
              "product": "smartLink HW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThan": "1.02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.31",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:1.32:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "1.02",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:1.02:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUse after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS.\u003cbr\u003eThis issue affects:\u003cbr\u003esmartLink HW-DP: through 1.31\u003cbr\u003esmartLink HW-PN: before 1.02.\u003c/p\u003e"
                }
              ],
              "value": "Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS.\nThis issue affects:\nsmartLink HW-DP: through 1.31\nsmartLink HW-PN: before 1.02."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T05:53:40.991Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/CVE-2024-14028.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/CVE-2024-14028.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate firmware for\u003cbr\u003esmartLink HW-DP: to 1.32\u003cbr\u003esmartLink HW-PN: to 1.02.\u003c/p\u003e"
                }
              ],
              "value": "Update firmware for\nsmartLink HW-DP: to 1.32\nsmartLink HW-PN: to 1.02."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Multiple implicit reads in parallel can result in a crash or denial of service",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2024-14028",
        "datePublished": "2026-03-27T05:53:40.991Z",
        "dateReserved": "2026-03-23T15:31:51.510Z",
        "dateUpdated": "2026-03-27T13:45:30.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13406 (GCVE-0-2025-13406)

    Vulnerability from nvd – Published: 2026-03-17 14:32 – Updated: 2026-03-27 08:09
    VLAI
    Title
    Scanning for higher HART revision device leads into NULL pointer dereference in live list
    Summary
    NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-HT Affected: 1.43 (custom)
    Unaffected: 1.43.1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:49:34.753139Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:50:30.323Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.43",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43.1:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.\u003cp\u003eThis issue affects smartLink SW-HT: 1.43.\u003c/p\u003e"
                }
              ],
              "value": "NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:09:49.360Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-13406.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-13406.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate smartLink SW-HT to patch V1.43.1 firmware.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update smartLink SW-HT to patch V1.43.1 firmware."
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Scanning for higher HART revision device leads into NULL pointer dereference in live list",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-13406",
        "datePublished": "2026-03-17T14:32:21.500Z",
        "dateReserved": "2025-11-19T14:07:24.595Z",
        "dateUpdated": "2026-03-27T08:09:49.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10685 (GCVE-0-2025-10685)

    Vulnerability from nvd – Published: 2026-03-16 13:14 – Updated: 2026-03-27 08:12
    VLAI
    Title
    HTTP POST with specific higher content length leads into heap corruption
    Summary
    Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-PN Affected: 0 , ≤ 1.03 (custom)
    Unaffected: 1.04 (custom)
    Create a notification for this product.
    Softing smartLink SW-HT Affected: 0 , ≤ 1.42 (custom)
    Unaffected: 1.43 (custom)
    Create a notification for this product.
    Credits
    Frank Renner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10685",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T14:41:54.340261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T14:41:59.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.04",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.42",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:1.04:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.42",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Frank Renner"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003esmartLink SW-PN: through 1.03\u003c/p\u003e\u003cp\u003esmartLink SW-HT: through 1.42\u003c/p\u003e"
                }
              ],
              "value": "Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects:\n\nsmartLink SW-PN: through 1.03\n\nsmartLink SW-HT: through 1.42"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/AU:Y/R:A/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:12:30.109Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10685.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10685.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate firmware for\u003c/p\u003e\u003cp\u003esmartLink SW-PN: to 1.04\u003c/p\u003e\u003cp\u003esmartLink SW-HT: to 1.43\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update firmware for\n\nsmartLink SW-PN: to 1.04\n\nsmartLink SW-HT: to 1.43"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "HTTP POST with specific higher content length leads into heap corruption",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-10685",
        "datePublished": "2026-03-16T13:14:49.030Z",
        "dateReserved": "2025-09-18T12:45:55.230Z",
        "dateUpdated": "2026-03-27T08:12:30.109Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10461 (GCVE-0-2025-10461)

    Vulnerability from nvd – Published: 2026-03-16 13:27 – Updated: 2026-03-27 08:13
    VLAI
    Title
    Global file reads caused by improper URL checks in webserver
    Summary
    Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-HT Affected: 0 , ≤ 1.42 (custom)
    Unaffected: 1.43 (custom)
    Create a notification for this product.
    Softing smartLink SW-PN Affected: 0 , ≤ 1.03 (custom)
    Unaffected: 1.04
    Create a notification for this product.
    Credits
    OpenVAS
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10461",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T14:27:44.548413Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T14:27:51.874Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "filesystem"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.42",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "filesystem"
              ],
              "product": "smartLink SW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.04"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.42",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:1.04:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "tool",
              "value": "OpenVAS"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access.\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eThis issue affects\u003c/p\u003e\u003cp\u003esmartLink SW-HT: through 1.42\u003c/p\u003e\u003cp\u003esmartLink SW-PN: through 1.03.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access.\n\n\n\nThis issue affects\n\nsmartLink SW-HT: through 1.42\n\nsmartLink SW-PN: through 1.03."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-497",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-497 File Discovery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/AU:Y/R:A/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:13:41.200Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis issue is fixed in\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003esmartLink SW-HT: 1.43\u003c/p\u003esmartLink SW-PN: 1.04\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "This issue is fixed in\n\n\n\n\n\nsmartLink SW-HT: 1.43\n\nsmartLink SW-PN: 1.04"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Global file reads caused by improper URL checks in webserver",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-10461",
        "datePublished": "2026-03-16T13:27:21.381Z",
        "dateReserved": "2025-09-15T05:57:59.903Z",
        "dateUpdated": "2026-03-27T08:13:41.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7390 (GCVE-0-2025-7390)

    Vulnerability from nvd – Published: 2025-08-21 06:08 – Updated: 2026-03-27 08:36
    VLAI
    Title
    Bypass the client certificate trust check of an opc.https server while only secure communication is allowed
    Summary
    A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Vendor Product Version
    Softing OPC UA C++ SDK Affected: 6.40 , ≤ 6.80 (custom)
    Unaffected: 6.80.1 (custom)
    Create a notification for this product.
    Softing edgeConnector Affected: 0 , ≤ 2025.03 (custom)
    Unaffected: SDEX Suite V1.0 (custom)
    Create a notification for this product.
    Softing edgeAggregator Affected: 0 , ≤ 2025.03 (custom)
    Unaffected: SDEX Suite V1.0 (custom)
    Create a notification for this product.
    Date Public
    2025-08-14 06:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7390",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-21T13:51:51.306799Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-21T13:53:15.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://industrial.softing.com/products/opc-ua-and-opc-classic-sdks/opc-ua-c-sdks-for-windows.html",
              "defaultStatus": "unaffected",
              "modules": [
                "opc.https server"
              ],
              "platforms": [
                "Windows",
                "Linux",
                "VxWorks"
              ],
              "product": "OPC UA C++ SDK",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "6.80",
                  "status": "affected",
                  "version": "6.40",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "6.80.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://industrial.softing.com/de/produkte/docker-container/edgeconnector.html",
              "defaultStatus": "affected",
              "platforms": [
                "Linux"
              ],
              "product": "edgeConnector",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "2025.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "SDEX Suite V1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://industrial.softing.com/de/produkte/docker-container/edgeaggregator.html",
              "defaultStatus": "affected",
              "platforms": [
                "Linux"
              ],
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "2025.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "SDEX Suite V1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:vxworks:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:vxworks:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:edgeconnector:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "2025.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:edgeconnector:sdex_suite_v1.0:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:edgeaggregator:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "2025.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:edgeaggregator:sdex_suite_v1.0:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-14T06:37:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication."
                }
              ],
              "value": "A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:36:30.497Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "OPC UA C++ SDK V6.80.1 Service-Patch\u003cbr\u003e"
                }
              ],
              "value": "OPC UA C++ SDK V6.80.1 Service-Patch"
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "edgeAggregator \u0026amp; edgeConnector are now integrated in SDEX Suite: fix with V1.0"
                }
              ],
              "value": "edgeAggregator \u0026 edgeConnector are now integrated in SDEX Suite: fix with V1.0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Bypass the client certificate trust check of an opc.https server while only secure communication is allowed",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-7390",
        "datePublished": "2025-08-21T06:08:00.210Z",
        "dateReserved": "2025-07-09T13:09:38.988Z",
        "dateUpdated": "2026-03-27T08:36:30.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-39482 (GCVE-0-2023-39482)

    Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability
    Summary
    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    zdi
    References
    Impacted products
    Date Public
    2023-08-09 18:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T13:33:02.875353Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-18T13:33:20.661Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.888Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1064",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.537Z",
          "datePublic": "2023-08-09T18:05:25.885Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:46.611Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1064",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Uri Katz of Claroty Research Team82"
          },
          "title": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39482",
        "datePublished": "2024-05-03T02:10:46.611Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.888Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39481 (GCVE-0-2023-39481)

    Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability
    Summary
    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the web server. The issue results from an inconsistency in URI parsing between NGINX and application code. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20551.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-436 - Interpretation Conflict
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T20:36:29.271637Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T20:41:58.121Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.884Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1063",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1063/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.532Z",
          "datePublic": "2023-08-09T18:04:47.064Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the web server. The issue results from an inconsistency in URI parsing between NGINX and application code. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20551."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-436",
                  "description": "CWE-436: Interpretation Conflict",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:45.801Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1063",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1063/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39481",
        "datePublished": "2024-05-03T02:10:45.801Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39480 (GCVE-0-2023-39480)

    Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
    Summary
    Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20549.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T15:29:33.855719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T15:42:02.808Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1062",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.526Z",
          "datePublic": "2023-08-09T18:04:40.922Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20549."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:45.099Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1062",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39480",
        "datePublished": "2024-05-03T02:10:45.099Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39479 (GCVE-0-2023-39479)

    Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability
    Summary
    Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20548.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39479",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-06T15:40:12.735732Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:01.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1061",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.520Z",
          "datePublic": "2023-08-09T18:04:34.926Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20548."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:44.345Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1061",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39479",
        "datePublished": "2024-05-03T02:10:44.345Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.883Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39478 (GCVE-0-2023-39478)

    Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability
    Summary
    Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of OPC FileDirectory namespaces. The issue results from the lack of proper validation of user-supplied data before using it to create a server object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20547.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-668 - Exposure of Resource to Wrong Sphere
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39478",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-06T19:15:09.515950Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:04.877Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1060",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1060/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.515Z",
          "datePublic": "2023-08-09T18:04:28.415Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of OPC FileDirectory namespaces. The issue results from the lack of proper validation of user-supplied data before using it to create a server object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20547."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-668",
                  "description": "CWE-668: Exposure of Resource to Wrong Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:43.636Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1060",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1060/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39478",
        "datePublished": "2024-05-03T02:10:43.636Z",
        "dateReserved": "2023-08-02T21:37:23.124Z",
        "dateUpdated": "2024-08-02T18:10:20.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38125 (GCVE-0-2023-38125)

    Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
    VLAI
    Title
    Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability
    Summary
    Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20542.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeAggregator Affected: 3.40
    Create a notification for this product.
    softing edgeaggregator Affected: 3.40
        cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeaggregator",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38125",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-07T19:26:57.744725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:28:05.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:30:14.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1059",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1059/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-07-12T15:35:25.020Z",
          "datePublic": "2023-08-09T18:04:22.098Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20542."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-942",
                  "description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:59:21.322Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1059",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1059/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-38125",
        "datePublished": "2024-05-03T01:59:21.322Z",
        "dateReserved": "2023-07-12T15:22:20.623Z",
        "dateUpdated": "2024-08-02T17:30:14.042Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27336 (GCVE-0-2023-27336)

    Vulnerability from nvd – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC client certificates. The issue results from dereferencing a NULL pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20508.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-09T18:08:48.894972Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:42.930Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.421Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1065",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.960Z",
          "datePublic": "2023-08-09T18:05:39.861Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC client certificates. The issue results from dereferencing a NULL pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20508."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:58.472Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1065",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Team ECQ"
          },
          "title": "Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27336",
        "datePublished": "2024-05-03T01:55:58.472Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.421Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27335 (GCVE-0-2023-27335)

    Vulnerability from nvd – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability
    Summary
    Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the input parameters provided to the edgeAggregetor client. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20504.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeAggregator Affected: 3.40
    Create a notification for this product.
    softing edgeaggregator Affected: 3.4.0
        cpe:2.3:a:softing:edgeaggregator:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeaggregator:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeaggregator",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.4.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:59:01.773629Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:58.221Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.030Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1057",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.954Z",
          "datePublic": "2023-08-09T18:04:10.515Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the input parameters provided to the edgeAggregetor client. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20504."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:57.666Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1057",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27335",
        "datePublished": "2024-05-03T01:55:57.666Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27334 (GCVE-0-2023-27334)

    Vulnerability from nvd – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 15:55
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:55:32.192681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:56.955Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1054",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.949Z",
          "datePublic": "2023-08-09T15:55:45.687Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:56.942Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1054",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27334",
        "datePublished": "2024-05-03T01:55:56.942Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-7339 (GCVE-0-2023-7339)

    Vulnerability from cvelistv5 – Published: 2026-03-27 10:53 – Updated: 2026-03-27 12:21
    VLAI
    Title
    Data collection for dowloading leads into buffer overflow
    Summary
    Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. This issue affects pnGate: through 1.30 epGate: through 1.30 mbGate: through 1.30 smartLink HW-DP: through 1.30 smartLink HW-PN: through 1.01.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Softing pnGate Affected: 0 , ≤ 1.30 (custom)
    Unaffected: 1.34 (custom)
    Create a notification for this product.
    Softing epGate Affected: 0 , ≤ 1.30 (custom)
    Create a notification for this product.
    Softing mbGate Affected: 0 , ≤ 1.30 (custom)
    Create a notification for this product.
    Softing smartLink HW-DP Affected: 0 , ≤ 1.30 (custom)
    Unaffected: 1.31 (custom)
    Create a notification for this product.
    Softing smartLink HW-PN Affected: 0 , ≤ 1.01 (custom)
    Unaffected: 1.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-7339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T12:21:13.590182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T12:21:25.031Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "broken-link"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.html"
              },
              {
                "tags": [
                  "broken-link"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.json"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "pnGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.34",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "epGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "mbGate",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "smartLink HW-DP",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.30",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.31",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "smartLink HW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.01",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:pngate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:pngate:1.34:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:epgate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:mbgate:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.30",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:1.31:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.01",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:1.02:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eStack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers.\u003cbr\u003eThis issue affects\u003cbr\u003epnGate: through 1.30\u003cbr\u003eepGate: through 1.30\u003cbr\u003embGate: through 1.30\u003cbr\u003esmartLink HW-DP: through 1.30\u003cbr\u003esmartLink HW-PN: through 1.01.\u003c/p\u003e"
                }
              ],
              "value": "Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers.\nThis issue affects\npnGate: through 1.30\nepGate: through 1.30\nmbGate: through 1.30\nsmartLink HW-DP: through 1.30\nsmartLink HW-PN: through 1.01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T10:53:07.778Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "tags": [
                "x_html"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.html"
            },
            {
              "tags": [
                "x_json"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/CVE-2023-7339.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003epnGate: fixed with 1.34\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "pnGate: fixed with 1.34"
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "smartLink HW-DP: fixed with 1.31\u003cbr\u003esmartLink HW-PN: fixed with 1.02"
                }
              ],
              "value": "smartLink HW-DP: fixed with 1.31\nsmartLink HW-PN: fixed with 1.02"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Data collection for dowloading leads into buffer overflow",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2023-7339",
        "datePublished": "2026-03-27T10:53:07.778Z",
        "dateReserved": "2026-03-27T10:08:58.402Z",
        "dateUpdated": "2026-03-27T12:21:25.031Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-14028 (GCVE-0-2024-14028)

    Vulnerability from cvelistv5 – Published: 2026-03-27 05:53 – Updated: 2026-03-27 13:45
    VLAI
    Title
    Multiple implicit reads in parallel can result in a crash or denial of service
    Summary
    Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink HW-DP Affected: 0 , ≤ 1.31 (custom)
    Unaffected: 1.32 (custom)
    Create a notification for this product.
    Softing smartLink HW-PN Affected: 0 , < 1.02 (custom)
    Unaffected: 1.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-14028",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T13:39:03.488317Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T13:45:30.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "webserver"
              ],
              "product": "smartLink HW-DP",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.31",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.32",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "webserver"
              ],
              "product": "smartLink HW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThan": "1.02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.31",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-dp:1.32:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "1.02",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_hw-pn:1.02:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUse after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS.\u003cbr\u003eThis issue affects:\u003cbr\u003esmartLink HW-DP: through 1.31\u003cbr\u003esmartLink HW-PN: before 1.02.\u003c/p\u003e"
                }
              ],
              "value": "Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS.\nThis issue affects:\nsmartLink HW-DP: through 1.31\nsmartLink HW-PN: before 1.02."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use after free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T05:53:40.991Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/CVE-2024-14028.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/CVE-2024-14028.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate firmware for\u003cbr\u003esmartLink HW-DP: to 1.32\u003cbr\u003esmartLink HW-PN: to 1.02.\u003c/p\u003e"
                }
              ],
              "value": "Update firmware for\nsmartLink HW-DP: to 1.32\nsmartLink HW-PN: to 1.02."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Multiple implicit reads in parallel can result in a crash or denial of service",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2024-14028",
        "datePublished": "2026-03-27T05:53:40.991Z",
        "dateReserved": "2026-03-23T15:31:51.510Z",
        "dateUpdated": "2026-03-27T13:45:30.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13406 (GCVE-0-2025-13406)

    Vulnerability from cvelistv5 – Published: 2026-03-17 14:32 – Updated: 2026-03-27 08:09
    VLAI
    Title
    Scanning for higher HART revision device leads into NULL pointer dereference in live list
    Summary
    NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-HT Affected: 1.43 (custom)
    Unaffected: 1.43.1 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-17T14:49:34.753139Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-17T14:50:30.323Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.43",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43.1:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.\u003cp\u003eThis issue affects smartLink SW-HT: 1.43.\u003c/p\u003e"
                }
              ],
              "value": "NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:09:49.360Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-13406.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-13406.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate smartLink SW-HT to patch V1.43.1 firmware.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update smartLink SW-HT to patch V1.43.1 firmware."
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Scanning for higher HART revision device leads into NULL pointer dereference in live list",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-13406",
        "datePublished": "2026-03-17T14:32:21.500Z",
        "dateReserved": "2025-11-19T14:07:24.595Z",
        "dateUpdated": "2026-03-27T08:09:49.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10461 (GCVE-0-2025-10461)

    Vulnerability from cvelistv5 – Published: 2026-03-16 13:27 – Updated: 2026-03-27 08:13
    VLAI
    Title
    Global file reads caused by improper URL checks in webserver
    Summary
    Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-HT Affected: 0 , ≤ 1.42 (custom)
    Unaffected: 1.43 (custom)
    Create a notification for this product.
    Softing smartLink SW-PN Affected: 0 , ≤ 1.03 (custom)
    Unaffected: 1.04
    Create a notification for this product.
    Credits
    OpenVAS
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10461",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T14:27:44.548413Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T14:27:51.874Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "filesystem"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.42",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "filesystem"
              ],
              "product": "smartLink SW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.04"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.42",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:1.04:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "tool",
              "value": "OpenVAS"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access.\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eThis issue affects\u003c/p\u003e\u003cp\u003esmartLink SW-HT: through 1.42\u003c/p\u003e\u003cp\u003esmartLink SW-PN: through 1.03.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access.\n\n\n\nThis issue affects\n\nsmartLink SW-HT: through 1.42\n\nsmartLink SW-PN: through 1.03."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-497",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-497 File Discovery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/AU:Y/R:A/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:13:41.200Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThis issue is fixed in\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003esmartLink SW-HT: 1.43\u003c/p\u003esmartLink SW-PN: 1.04\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "This issue is fixed in\n\n\n\n\n\nsmartLink SW-HT: 1.43\n\nsmartLink SW-PN: 1.04"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Global file reads caused by improper URL checks in webserver",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-10461",
        "datePublished": "2026-03-16T13:27:21.381Z",
        "dateReserved": "2025-09-15T05:57:59.903Z",
        "dateUpdated": "2026-03-27T08:13:41.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-10685 (GCVE-0-2025-10685)

    Vulnerability from cvelistv5 – Published: 2026-03-16 13:14 – Updated: 2026-03-27 08:12
    VLAI
    Title
    HTTP POST with specific higher content length leads into heap corruption
    Summary
    Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Softing smartLink SW-PN Affected: 0 , ≤ 1.03 (custom)
    Unaffected: 1.04 (custom)
    Create a notification for this product.
    Softing smartLink SW-HT Affected: 0 , ≤ 1.42 (custom)
    Unaffected: 1.43 (custom)
    Create a notification for this product.
    Credits
    Frank Renner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10685",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T14:41:54.340261Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T14:41:59.763Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-PN",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.04",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Webserver"
              ],
              "product": "smartLink SW-HT",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "1.42",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "1.43",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-pn:1.04:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "1.42",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:smartlink_sw-ht:1.43:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Frank Renner"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003esmartLink SW-PN: through 1.03\u003c/p\u003e\u003cp\u003esmartLink SW-HT: through 1.42\u003c/p\u003e"
                }
              ],
              "value": "Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects:\n\nsmartLink SW-PN: through 1.03\n\nsmartLink SW-HT: through 1.42"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/AU:Y/R:A/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:12:30.109Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10685.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10685.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate firmware for\u003c/p\u003e\u003cp\u003esmartLink SW-PN: to 1.04\u003c/p\u003e\u003cp\u003esmartLink SW-HT: to 1.43\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update firmware for\n\nsmartLink SW-PN: to 1.04\n\nsmartLink SW-HT: to 1.43"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "HTTP POST with specific higher content length leads into heap corruption",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-10685",
        "datePublished": "2026-03-16T13:14:49.030Z",
        "dateReserved": "2025-09-18T12:45:55.230Z",
        "dateUpdated": "2026-03-27T08:12:30.109Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7390 (GCVE-0-2025-7390)

    Vulnerability from cvelistv5 – Published: 2025-08-21 06:08 – Updated: 2026-03-27 08:36
    VLAI
    Title
    Bypass the client certificate trust check of an opc.https server while only secure communication is allowed
    Summary
    A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Vendor Product Version
    Softing OPC UA C++ SDK Affected: 6.40 , ≤ 6.80 (custom)
    Unaffected: 6.80.1 (custom)
    Create a notification for this product.
    Softing edgeConnector Affected: 0 , ≤ 2025.03 (custom)
    Unaffected: SDEX Suite V1.0 (custom)
    Create a notification for this product.
    Softing edgeAggregator Affected: 0 , ≤ 2025.03 (custom)
    Unaffected: SDEX Suite V1.0 (custom)
    Create a notification for this product.
    Date Public
    2025-08-14 06:37
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7390",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-21T13:51:51.306799Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-21T13:53:15.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://industrial.softing.com/products/opc-ua-and-opc-classic-sdks/opc-ua-c-sdks-for-windows.html",
              "defaultStatus": "unaffected",
              "modules": [
                "opc.https server"
              ],
              "platforms": [
                "Windows",
                "Linux",
                "VxWorks"
              ],
              "product": "OPC UA C++ SDK",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "6.80",
                  "status": "affected",
                  "version": "6.40",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "6.80.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://industrial.softing.com/de/produkte/docker-container/edgeconnector.html",
              "defaultStatus": "affected",
              "platforms": [
                "Linux"
              ],
              "product": "edgeConnector",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "2025.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "SDEX Suite V1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://industrial.softing.com/de/produkte/docker-container/edgeaggregator.html",
              "defaultStatus": "affected",
              "platforms": [
                "Linux"
              ],
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThanOrEqual": "2025.03",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "SDEX Suite V1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:windows:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:*:*:vxworks:*:*:*:*:*",
                      "versionEndIncluding": "6.80",
                      "versionStartIncluding": "6.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:opc_ua_c_sdk:6.80.1:*:vxworks:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:edgeconnector:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "2025.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:edgeconnector:sdex_suite_v1.0:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:softing:edgeaggregator:*:*:linux:*:*:*:*:*",
                      "versionEndIncluding": "2025.03",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:softing:edgeaggregator:sdex_suite_v1.0:*:linux:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-14T06:37:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication."
                }
              ],
              "value": "A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T08:36:30.497Z",
            "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
            "shortName": "Softing"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.html"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-7390.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "OPC UA C++ SDK V6.80.1 Service-Patch\u003cbr\u003e"
                }
              ],
              "value": "OPC UA C++ SDK V6.80.1 Service-Patch"
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "edgeAggregator \u0026amp; edgeConnector are now integrated in SDEX Suite: fix with V1.0"
                }
              ],
              "value": "edgeAggregator \u0026 edgeConnector are now integrated in SDEX Suite: fix with V1.0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Bypass the client certificate trust check of an opc.https server while only secure communication is allowed",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd",
        "assignerShortName": "Softing",
        "cveId": "CVE-2025-7390",
        "datePublished": "2025-08-21T06:08:00.210Z",
        "dateReserved": "2025-07-09T13:09:38.988Z",
        "dateUpdated": "2026-03-27T08:36:30.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-39482 (GCVE-0-2023-39482)

    Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability
    Summary
    Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    zdi
    References
    Impacted products
    Date Public
    2023-08-09 18:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T13:33:02.875353Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-18T13:33:20.661Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.888Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1064",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.537Z",
          "datePublic": "2023-08-09T18:05:25.885Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321: Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:46.611Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1064",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Uri Katz of Claroty Research Team82"
          },
          "title": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39482",
        "datePublished": "2024-05-03T02:10:46.611Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.888Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39481 (GCVE-0-2023-39481)

    Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability
    Summary
    Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the web server. The issue results from an inconsistency in URI parsing between NGINX and application code. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20551.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-436 - Interpretation Conflict
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T20:36:29.271637Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T20:41:58.121Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.884Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1063",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1063/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.532Z",
          "datePublic": "2023-08-09T18:04:47.064Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the web server. The issue results from an inconsistency in URI parsing between NGINX and application code. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20551."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-436",
                  "description": "CWE-436: Interpretation Conflict",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:45.801Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1063",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1063/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39481",
        "datePublished": "2024-05-03T02:10:45.801Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39480 (GCVE-0-2023-39480)

    Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
    Summary
    Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20549.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:1.22.0.8686:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T15:29:33.855719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T15:42:02.808Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1062",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.526Z",
          "datePublic": "2023-08-09T18:04:40.922Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20549."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:45.099Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1062",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1062/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39480",
        "datePublished": "2024-05-03T02:10:45.099Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39479 (GCVE-0-2023-39479)

    Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability
    Summary
    Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20548.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39479",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-06T15:40:12.735732Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:01.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1061",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.520Z",
          "datePublic": "2023-08-09T18:04:34.926Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability. This vulnerability allows remote attackers to create directories on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of FileDirectory OPC UA Objects. The issue results from allowing unauthorized access to the filesystem. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20548."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552: Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:44.345Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1061",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1061/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39479",
        "datePublished": "2024-05-03T02:10:44.345Z",
        "dateReserved": "2023-08-02T21:37:23.125Z",
        "dateUpdated": "2024-08-02T18:10:20.883Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39478 (GCVE-0-2023-39478)

    Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
    VLAI
    Title
    Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability
    Summary
    Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of OPC FileDirectory namespaces. The issue results from the lack of proper validation of user-supplied data before using it to create a server object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20547.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-668 - Exposure of Resource to Wrong Sphere
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing Secure Integration Server Affected: 1.22.0.8686
    Create a notification for this product.
    softing secure_integration_server Affected: 1.22.0.8686
        cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:secure_integration_server:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_integration_server",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.22.0.8686"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39478",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-06T19:15:09.515950Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:04.877Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:10:20.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1060",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1060/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.22.0.8686"
                }
              ]
            }
          ],
          "dateAssigned": "2023-08-02T21:44:31.515Z",
          "datePublic": "2023-08-09T18:04:28.415Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of OPC FileDirectory namespaces. The issue results from the lack of proper validation of user-supplied data before using it to create a server object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20547."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-668",
                  "description": "CWE-668: Exposure of Resource to Wrong Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T02:10:43.636Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1060",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1060/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-39478",
        "datePublished": "2024-05-03T02:10:43.636Z",
        "dateReserved": "2023-08-02T21:37:23.124Z",
        "dateUpdated": "2024-08-02T18:10:20.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38125 (GCVE-0-2023-38125)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
    VLAI
    Title
    Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability
    Summary
    Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20542.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeAggregator Affected: 3.40
    Create a notification for this product.
    softing edgeaggregator Affected: 3.40
        cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeaggregator",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38125",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-07T19:26:57.744725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:28:05.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:30:14.042Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1059",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1059/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-07-12T15:35:25.020Z",
          "datePublic": "2023-08-09T18:04:22.098Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-20542."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-942",
                  "description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:59:21.322Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1059",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1059/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-38125",
        "datePublished": "2024-05-03T01:59:21.322Z",
        "dateReserved": "2023-07-12T15:22:20.623Z",
        "dateUpdated": "2024-08-02T17:30:14.042Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27336 (GCVE-0-2023-27336)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC client certificates. The issue results from dereferencing a NULL pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20508.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-09T18:08:48.894972Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:42.930Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.421Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1065",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.960Z",
          "datePublic": "2023-08-09T18:05:39.861Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC client certificates. The issue results from dereferencing a NULL pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20508."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:58.472Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1065",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Team ECQ"
          },
          "title": "Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27336",
        "datePublished": "2024-05-03T01:55:58.472Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.421Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27335 (GCVE-0-2023-27335)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability
    Summary
    Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the input parameters provided to the edgeAggregetor client. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20504.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeAggregator Affected: 3.40
    Create a notification for this product.
    softing edgeaggregator Affected: 3.4.0
        cpe:2.3:a:softing:edgeaggregator:3.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 18:04
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeaggregator:3.4.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeaggregator",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.4.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:59:01.773629Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:58.221Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.030Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1057",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.954Z",
          "datePublic": "2023-08-09T18:04:10.515Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the input parameters provided to the edgeAggregetor client. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20504."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:57.666Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1057",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27335",
        "datePublished": "2024-05-03T01:55:57.666Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27334 (GCVE-0-2023-27334)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 15:55
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:55:32.192681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:56.955Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1054",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.949Z",
          "datePublic": "2023-08-09T15:55:45.687Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:56.942Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1054",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27334",
        "datePublished": "2024-05-03T01:55:56.942Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }