Lucene search
HistoryAug 17, 2022 - 9:15 p.m.
CVE-2022-2334
vulnerability
arbitrary code execution
softing secure integration server
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
48.3%
The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.
Affected configurations
Node
softingedgeaggregatorMatch3.1
ORsoftingedgeconnectorMatch3.1
ORsoftingopcMatch5.2
ORsoftingopc_ua_c\+\+_software_development_kitMatch6
ORsoftingsecure_integration_serverMatch1.22
ORsoftinguagatesMatch1.74
Related
cve
cve
CVE-2022-2334
2022-08-17 21:15:08
cvelist
cvelist
zdi
zdi
prion
prion
Input validation
2022-08-17 21:15:00
metasploit
metasploit
Softing Secure Integration Server v1.22 Remote Code Execution
2024-04-13 10:10:45
packetstorm
packetstorm
Softing Secure Integration Server 1.22 Remote Code Execution
2024-07-22 00:00:00
zdt
zdt
Softing Secure Integration Server 1.22 Remote Code Execution Exploit
2024-07-22 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0504-1)
2022-02-19 00:00:00
ics
ics
Softing Secure Integration Server
2022-09-26 12:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
48.3%
Related for NVD:CVE-2022-2334