Lucene search

[email protected]CVE-2023-41151

HistoryDec 14, 2023 - 7:15 p.m.

CVE-2023-41151

2023-12-1419:15:16

CWE-755

[email protected]

web.nvd.nist.gov

cve-2023-41151

softing opc ua c++ sdk

windows

application crash

uncaught exception

error packet

socket issue

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.

Affected configurations

NVD

Node

microsoftwindowsMatch-

AND

softingopcRange≤5.30

softingopc_ua_c\+\+_software_development_kitRange≤6.20.1

softingsecure_integration_serverRange≤1.22

CPENameOperatorVersion
softing:opcsofting opcle5.30
softing:opc_ua_c\+\+_software_development_kitsofting opc ua c++ software development kitle6.20.1
softing:secure_integration_serversofting secure integration serverle1.22

CPE	Name	Operator	Version
softing:opc	softing opc	le	5.30
softing:opc_ua_c\+\+_software_development_kit	softing opc ua c++ software development kit	le	6.20.1
softing:secure_integration_server	softing secure integration server	le	1.22

References

industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2023-41151

cvelist1 nvd1 prion1