ICSA-20-210-02 · Published 2020-07-28 · View on CISA ICS-CERT ↗

Softing Industrial Automation OPC

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code execution.

CVEs (2)

CVE-2020-14524 CVE-2020-14522

Remediations

Softing Industrial Automation has released an update to mitigate the reported vulnerabilities. The most up-to-date release at the time of this CISA advisory can be found on the Softing Industrial Automation website.

Affected Vendors

Softing

Affected Products (1)

Softing · OPC < 4.47.0

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more