← Back to home
ICSA-21-168-02  ·  Published 2021-06-17  ·  View on CISA ICS-CERT ↗

Softing OPC-UA C++ SDK

CVSS 7.5 HIGH

Risk Summary

A remote attacker may be able to crash the device, resulting in a denial-of-service condition. This vulnerability existsin exported functions of the library, and exploits may have different consequences depending on how the library functions have been used.

CVEs (1)

Remediations

  • Softing has released version 5.65 to address this vulnerability and has notified known users of the release. As this vulnerability only affects the publisher and subscriber protocol, Softing highly recommends customers using this protocol to upgrade to the latest version or disable the functionality. Please download the latest software package from the Softing website.

Affected Vendors

Softing

Affected Products (1)

Softing · OPC UA C++ SDK (Software Development Kit) >= 5.59 | <= 5.64

Affected Sectors

Multiple sectors

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more