Search

Find a vulnerability

Search criteria

    32 vulnerabilities found for opc_ua_c\+\+_software_development_kit by softing

    CVE-2023-27334 (GCVE-0-2023-27334)

    Vulnerability from nvd – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 15:55
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:55:32.192681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:56.955Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1054",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.949Z",
          "datePublic": "2023-08-09T15:55:45.687Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:56.942Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1054",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27334",
        "datePublished": "2024-05-03T01:55:56.942Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41151 (GCVE-0-2023-41151)

    Vulnerability from nvd – Published: 2023-12-14 00:00 – Updated: 2025-05-22 17:56
    VLAI
    Summary
    An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:54:03.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T17:55:45.122620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T17:56:46.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-14T18:51:07.048Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-41151",
        "datePublished": "2023-12-14T00:00:00.000Z",
        "dateReserved": "2023-08-24T00:00:00.000Z",
        "dateUpdated": "2025-05-22T17:56:46.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-39823 (GCVE-0-2022-39823)

    Vulnerability from nvd – Published: 2022-10-20 00:00 – Updated: 2025-05-08 18:56
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:07:42.862Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.softing.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-39823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:56:35.492848Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:56:58.134Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.softing.com"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-39823",
        "datePublished": "2022-10-20T00:00:00.000Z",
        "dateReserved": "2022-09-05T00:00:00.000Z",
        "dateUpdated": "2025-05-08T18:56:58.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-37453 (GCVE-0-2022-37453)

    Vulnerability from nvd – Published: 2022-10-20 00:00 – Updated: 2025-05-08 18:57
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-787 - Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:29:21.061Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://softing.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-37453",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:57:43.699381Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:57:46.842Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://softing.com"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-37453",
        "datePublished": "2022-10-20T00:00:00.000Z",
        "dateReserved": "2022-08-07T00:00:00.000Z",
        "dateUpdated": "2025-05-08T18:57:46.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2547 (GCVE-0-2022-2547)

    Vulnerability from nvd – Published: 2022-08-17 20:06 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:39:08.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:57.861751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:29.833Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:06:38.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2547",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2547",
        "datePublished": "2022-08-17T20:06:38.000Z",
        "dateReserved": "2022-07-26T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:29.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2338 (GCVE-0-2022-2338)

    Vulnerability from nvd – Published: 2022-08-17 20:15 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server Cleartext Transmission of Sensitive Information
    Summary
    Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2338",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:50:48.300738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:59.993Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319: Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:15:03.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Cleartext Transmission of Sensitive Information",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2338",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Cleartext Transmission of Sensitive Information"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2338",
        "datePublished": "2022-08-17T20:15:03.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:59.993Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2337 (GCVE-0-2022-2337)

    Vulnerability from nvd – Published: 2022-08-17 20:18 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.697Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2337",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:42.760334Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:45.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:18:49.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2337",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2337",
        "datePublished": "2022-08-17T20:18:49.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:45.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2336 (GCVE-0-2022-2336)

    Vulnerability from nvd – Published: 2022-08-17 20:07 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server Improper Authentication
    Summary
    Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:53:43.764724Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:22.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            },
            {
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector 840D",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector Modbus",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:07:46.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-6 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Improper Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2336",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Improper Authentication"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Siemens",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector 840D",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Modbus",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeAggregator",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-287: Improper Authentication"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-6 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2336",
        "datePublished": "2022-08-17T20:07:46.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:22.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2335 (GCVE-0-2022-2335)

    Vulnerability from nvd – Published: 2022-08-17 20:13 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server Integer Underflow
    Summary
    A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.693Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:49.307025Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:08.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191: Integer Underflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:13:15.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Integer Underflow",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2335",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Integer Underflow"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-191: Integer Underflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2335",
        "datePublished": "2022-08-17T20:13:15.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:08.268Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2334 (GCVE-0-2022-2334)

    Vulnerability from nvd – Published: 2022-08-17 20:11 – Updated: 2025-04-16 17:50
    VLAI
    Title
    Softing Secure Integration Server Uncontrolled Search Path Element
    Summary
    The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:28:01.786557Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:50:24.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:11:17.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Uncontrolled Search Path Element",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2334",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Uncontrolled Search Path Element"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: Uncontrolled Search Path Element"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2334",
        "datePublished": "2022-08-17T20:11:17.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:50:24.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1748 (GCVE-0-2022-1748)

    Vulnerability from nvd – Published: 2022-08-17 20:08 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:16:59.941Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1748",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:53.897049Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:15.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            },
            {
              "product": "OPC UA C++ SDK",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V6.00"
                }
              ]
            },
            {
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector 840D",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector Modbus",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:08:38.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-7 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1748",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "OPC UA C++ SDK",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V6.00"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Siemens",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector 840D",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Modbus",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeAggregator",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-7 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1748",
        "datePublished": "2022-08-17T20:08:38.000Z",
        "dateReserved": "2022-05-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:15.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1373 (GCVE-0-2022-1373)

    Vulnerability from nvd – Published: 2022-08-17 20:10 – Updated: 2025-04-16 17:50
    VLAI
    Title
    Softing Secure Integration Server Relative Path Traversal
    Summary
    The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:03:05.938Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:28:04.455540Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:50:36.586Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \u201crestore configuration\u201d feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the \"restore configuration\" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:10:24.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Relative Path Traversal",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1373",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Relative Path Traversal"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \u201crestore configuration\u201d feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the \"restore configuration\" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-23: Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1373",
        "datePublished": "2022-08-17T20:10:24.000Z",
        "dateReserved": "2022-04-14T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:50:36.586Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1069 (GCVE-0-2022-1069)

    Vulnerability from nvd – Published: 2022-08-17 20:17 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server Out-of-bounds Read
    Summary
    A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:47:43.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1069",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:45.942698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:52.772Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:17:11.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Out-of-bounds Read",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1069",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Out-of-bounds Read"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-125: Out-of-bounds Read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1069",
        "datePublished": "2022-08-17T20:17:11.000Z",
        "dateReserved": "2022-03-24T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:52.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32994 (GCVE-0-2021-32994)

    Vulnerability from nvd – Published: 2022-04-04 19:45 – Updated: 2025-04-16 16:31
    VLAI
    Title
    Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer
    Summary
    Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Credits
    Eran Jacob of OTORIO reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:18.878Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-32994",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:57:45.246974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:31:19.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OPC UA C++ SDK (Software Development Kit)",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThan": "5.64",
                  "status": "affected",
                  "version": "5.59",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Eran Jacob of OTORIO reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don\u0027t properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-04T19:45:58.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing has released version 5.65 to address this vulnerability and has notified known users of the release. As this vulnerability only affects the publisher and subscriber protocol, Softing highly recommends customers using this protocol to upgrade to the latest version or disable the functionality. Please download the latest software package from the Softing website. "
            }
          ],
          "source": {
            "advisory": "ICSA-21-166-02",
            "discovery": "EXTERNAL"
          },
          "title": "Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2021-32994",
              "STATE": "PUBLIC",
              "TITLE": "Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OPC UA C++ SDK (Software Development Kit)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.59",
                                "version_value": "5.64"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Eran Jacob of OTORIO reported this vulnerability to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don\u0027t properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing has released version 5.65 to address this vulnerability and has notified known users of the release. As this vulnerability only affects the publisher and subscriber protocol, Softing highly recommends customers using this protocol to upgrade to the latest version or disable the functionality. Please download the latest software package from the Softing website. "
              }
            ],
            "source": {
              "advisory": "ICSA-21-166-02",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-32994",
        "datePublished": "2022-04-04T19:45:58.000Z",
        "dateReserved": "2021-05-13T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:31:19.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42577 (GCVE-0-2021-42577)

    Vulnerability from nvd – Published: 2022-03-11 22:09 – Updated: 2024-08-04 03:38
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:49.370Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://softing.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42577.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-11T22:09:25.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://softing.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42577.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-42577",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://softing.com",
                  "refsource": "MISC",
                  "url": "https://softing.com"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42577.pdf",
                  "refsource": "MISC",
                  "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42577.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-42577",
        "datePublished": "2022-03-11T22:09:25.000Z",
        "dateReserved": "2021-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:38:49.370Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42262 (GCVE-0-2021-42262)

    Vulnerability from nvd – Published: 2022-03-11 22:05 – Updated: 2024-08-04 03:30
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:30:38.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/us/solutions/opc-and-opc-ua.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42262.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-11T22:05:46.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://industrial.softing.com/us/solutions/opc-and-opc-ua.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42262.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-42262",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/us/solutions/opc-and-opc-ua.html",
                  "refsource": "MISC",
                  "url": "https://industrial.softing.com/us/solutions/opc-and-opc-ua.html"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42262.pdf",
                  "refsource": "MISC",
                  "url": "https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42262.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-42262",
        "datePublished": "2022-03-11T22:05:46.000Z",
        "dateReserved": "2021-10-11T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:30:38.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27334 (GCVE-0-2023-27334)

    Vulnerability from cvelistv5 – Published: 2024-05-03 01:55 – Updated: 2024-08-02 12:09
    VLAI
    Title
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
    Summary
    Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Softing edgeConnector Siemens Affected: 3.40
    Create a notification for this product.
    softing edgeconnector Affected: 3.40
        cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2023-08-09 15:55
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:softing:edgeconnector:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "edgeconnector",
                "vendor": "softing",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.40"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-21T15:55:32.192681Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:24:56.955Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:09:43.393Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ZDI-23-1054",
                "tags": [
                  "x_research-advisory",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
              },
              {
                "name": "vendor-provided URL",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.40"
                }
              ]
            }
          ],
          "dateAssigned": "2023-02-28T18:05:53.949Z",
          "datePublic": "2023-08-09T15:55:45.687Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-03T01:55:56.942Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-23-1054",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
            },
            {
              "name": "vendor-provided URL",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
          },
          "title": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2023-27334",
        "datePublished": "2024-05-03T01:55:56.942Z",
        "dateReserved": "2023-02-28T17:58:45.479Z",
        "dateUpdated": "2024-08-02T12:09:43.393Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41151 (GCVE-0-2023-41151)

    Vulnerability from cvelistv5 – Published: 2023-12-14 00:00 – Updated: 2025-05-22 17:56
    VLAI
    Summary
    An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:54:03.437Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T17:55:45.122620Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T17:56:46.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-14T18:51:07.048Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-41151",
        "datePublished": "2023-12-14T00:00:00.000Z",
        "dateReserved": "2023-08-24T00:00:00.000Z",
        "dateUpdated": "2025-05-22T17:56:46.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-37453 (GCVE-0-2022-37453)

    Vulnerability from cvelistv5 – Published: 2022-10-20 00:00 – Updated: 2025-05-08 18:57
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-787 - Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:29:21.061Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://softing.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-37453",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:57:43.699381Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:57:46.842Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://softing.com"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-37453",
        "datePublished": "2022-10-20T00:00:00.000Z",
        "dateReserved": "2022-08-07T00:00:00.000Z",
        "dateUpdated": "2025-05-08T18:57:46.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-39823 (GCVE-0-2022-39823)

    Vulnerability from cvelistv5 – Published: 2022-10-20 00:00 – Updated: 2025-05-08 18:56
    VLAI
    Summary
    An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:07:42.862Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.softing.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-39823",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:56:35.492848Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-08T18:56:58.134Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.softing.com"
            },
            {
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-39823",
        "datePublished": "2022-10-20T00:00:00.000Z",
        "dateReserved": "2022-09-05T00:00:00.000Z",
        "dateUpdated": "2025-05-08T18:56:58.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2337 (GCVE-0-2022-2337)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:18 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.697Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2337",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:42.760334Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:45.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:18:49.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2337",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2337",
        "datePublished": "2022-08-17T20:18:49.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:45.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1069 (GCVE-0-2022-1069)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:17 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server Out-of-bounds Read
    Summary
    A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:47:43.266Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1069",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:45.942698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:52.772Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:17:11.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Out-of-bounds Read",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1069",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Out-of-bounds Read"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-125: Out-of-bounds Read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1069",
        "datePublished": "2022-08-17T20:17:11.000Z",
        "dateReserved": "2022-03-24T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:52.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2338 (GCVE-0-2022-2338)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:15 – Updated: 2025-04-16 16:12
    VLAI
    Title
    Softing Secure Integration Server Cleartext Transmission of Sensitive Information
    Summary
    Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2338",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:50:48.300738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:12:59.993Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319: Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:15:03.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Cleartext Transmission of Sensitive Information",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2338",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Cleartext Transmission of Sensitive Information"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2338",
        "datePublished": "2022-08-17T20:15:03.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:12:59.993Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2335 (GCVE-0-2022-2335)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:13 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server Integer Underflow
    Summary
    A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.693Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2335",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:49.307025Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:08.268Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191: Integer Underflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:13:15.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Integer Underflow",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2335",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Integer Underflow"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-191: Integer Underflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2335",
        "datePublished": "2022-08-17T20:13:15.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:08.268Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2334 (GCVE-0-2022-2334)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:11 – Updated: 2025-04-16 17:50
    VLAI
    Title
    Softing Secure Integration Server Uncontrolled Search Path Element
    Summary
    The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2334",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:28:01.786557Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:50:24.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:11:17.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Uncontrolled Search Path Element",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2334",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Uncontrolled Search Path Element"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: Uncontrolled Search Path Element"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2334",
        "datePublished": "2022-08-17T20:11:17.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:50:24.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1373 (GCVE-0-2022-1373)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:10 – Updated: 2025-04-16 17:50
    VLAI
    Title
    Softing Secure Integration Server Relative Path Traversal
    Summary
    The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:03:05.938Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1373",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:28:04.455540Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:50:36.586Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The \u201crestore configuration\u201d feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the \"restore configuration\" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-23",
                  "description": "CWE-23: Relative Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:10:24.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Relative Path Traversal",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1373",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Relative Path Traversal"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The \u201crestore configuration\u201d feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the \"restore configuration\" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-23: Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1373",
        "datePublished": "2022-08-17T20:10:24.000Z",
        "dateReserved": "2022-04-14T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:50:36.586Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1748 (GCVE-0-2022-1748)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:08 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:16:59.941Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-1748",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:53.897049Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:15.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            },
            {
              "product": "OPC UA C++ SDK",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V6.00"
                }
              ]
            },
            {
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector 840D",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector Modbus",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:08:38.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-7 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-1748",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "OPC UA C++ SDK",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V6.00"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Siemens",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector 840D",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Modbus",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeAggregator",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing OPC UA C++ Server SDK, Secure Integration Server, edgeConnector, edgeAggregator, OPC Suite, and uaGate are affected by a NULL pointer dereference vulnerability."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-7.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-7 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-1748",
        "datePublished": "2022-08-17T20:08:38.000Z",
        "dateReserved": "2022-05-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:15.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2336 (GCVE-0-2022-2336)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:07 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server Improper Authentication
    Summary
    Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    References
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2336",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:53:43.764724Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:22.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            },
            {
              "product": "edgeConnector Siemens",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector 840D",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeConnector Modbus",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            },
            {
              "product": "edgeAggregator",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V3.10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:07:46.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-6 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server Improper Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2336",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server Improper Authentication"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Siemens",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector 840D",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeConnector Modbus",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "edgeAggregator",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V3.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-287: Improper Authentication"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                },
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-6 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2336",
        "datePublished": "2022-08-17T20:07:46.000Z",
        "dateReserved": "2022-07-06T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:22.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2547 (GCVE-0-2022-2547)

    Vulnerability from cvelistv5 – Published: 2022-08-17 20:06 – Updated: 2025-04-16 16:13
    VLAI
    Title
    Softing Secure Integration Server NULL Pointer Dereference
    Summary
    A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Credits
    Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:39:08.031Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-2547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:54:57.861751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:13:29.833Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Secure Integration Server",
              "vendor": "Softing",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1.22"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T20:06:38.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Softing Secure Integration Server NULL Pointer Dereference",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2022-2547",
              "STATE": "PUBLIC",
              "TITLE": "Softing Secure Integration Server NULL Pointer Dereference"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Secure Integration Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "V1.22"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-476: NULL Pointer Dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
                  "refsource": "CONFIRM",
                  "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html"
                },
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-4 on the Softing security website."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-2547",
        "datePublished": "2022-08-17T20:06:38.000Z",
        "dateReserved": "2022-07-26T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:13:29.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32994 (GCVE-0-2021-32994)

    Vulnerability from cvelistv5 – Published: 2022-04-04 19:45 – Updated: 2025-04-16 16:31
    VLAI
    Title
    Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer
    Summary
    Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    References
    Impacted products
    Credits
    Eran Jacob of OTORIO reported this vulnerability to CISA.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:18.878Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-32994",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T15:57:45.246974Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T16:31:19.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OPC UA C++ SDK (Software Development Kit)",
              "vendor": "Softing",
              "versions": [
                {
                  "lessThan": "5.64",
                  "status": "affected",
                  "version": "5.59",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Eran Jacob of OTORIO reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don\u0027t properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-04T19:45:58.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Softing has released version 5.65 to address this vulnerability and has notified known users of the release. As this vulnerability only affects the publisher and subscriber protocol, Softing highly recommends customers using this protocol to upgrade to the latest version or disable the functionality. Please download the latest software package from the Softing website. "
            }
          ],
          "source": {
            "advisory": "ICSA-21-166-02",
            "discovery": "EXTERNAL"
          },
          "title": "Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2021-32994",
              "STATE": "PUBLIC",
              "TITLE": "Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OPC UA C++ SDK (Software Development Kit)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "5.59",
                                "version_value": "5.64"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Softing"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Eran Jacob of OTORIO reported this vulnerability to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don\u0027t properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02",
                  "refsource": "CONFIRM",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Softing has released version 5.65 to address this vulnerability and has notified known users of the release. As this vulnerability only affects the publisher and subscriber protocol, Softing highly recommends customers using this protocol to upgrade to the latest version or disable the functionality. Please download the latest software package from the Softing website. "
              }
            ],
            "source": {
              "advisory": "ICSA-21-166-02",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-32994",
        "datePublished": "2022-04-04T19:45:58.000Z",
        "dateReserved": "2021-05-13T00:00:00.000Z",
        "dateUpdated": "2025-04-16T16:31:19.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }