GCVE - cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Softing (`4b32be6d-69ed-5932-83e7-5560b6afc48d`)
Product	Opc (`c840e185-02e4-5a55-abc2-46117523a02d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-41151`	vulnerable	2026-06-03 14:52:51.201054	Details available An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. Published: 2023-12-14T00:00:00.000Z Updated: 2025-05-22T17:56:46.034Z Open on db.gcve.eu Reference links https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-37572`	vulnerable	2026-06-03 14:52:29.301530	Details available Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted. Published: 2023-12-05T00:00:00.000Z Updated: 2024-10-11T18:05:27.694Z Open on db.gcve.eu Reference links https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-5.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-39823`	vulnerable	2026-06-03 14:47:51.682973	Details available An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error Published: 2022-10-20T00:00:00.000Z Updated: 2025-05-08T18:56:58.134Z Open on db.gcve.eu Reference links https://www.softing.com https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-37453`	vulnerable	2026-06-03 14:47:47.405107	Details available An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types. Published: 2022-10-20T00:00:00.000Z Updated: 2025-05-08T18:57:46.842Z Open on db.gcve.eu Reference links https://softing.com https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-40873`	vulnerable	2026-06-03 14:45:24.755620	Details available An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and must be restarted. Published: 2021-11-10T22:48:27.000Z Updated: 2024-08-04T02:51:07.755Z Open on db.gcve.eu Reference links https://industrial.softing.com/ https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-40873.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-40871`	vulnerable	2026-06-03 14:45:24.749359	Details available An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted. Published: 2021-11-10T22:43:26.000Z Updated: 2024-08-04T02:51:07.780Z Open on db.gcve.eu Reference links https://industrial.softing.com/ https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin-CVE-2021-40871.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-14524`	vulnerable	2026-06-03 14:41:44.150322	Softing Industrial Automation OPC CRITICAL (9.8) Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. Published: 2020-08-25T13:36:17.917Z Updated: 2024-09-17T01:55:40.883Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-20-210-02	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-14522`	vulnerable	2026-06-03 14:41:44.131644	Softing Industrial Automation OPC HIGH (7.5) Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to uncontrolled resource consumption, which may allow an attacker to cause a denial-of-service condition. Published: 2020-08-25T13:35:02.997Z Updated: 2024-09-16T19:47:21.325Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-20-210-02	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.