GCVE - cpe:2.3:a:softing:opc_ua_c\+\+_software_development

Approved changes feed: RSS · Atom

cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Softing (`4b32be6d-69ed-5932-83e7-5560b6afc48d`)
Product	Opc Ua C++ Software Development Kit (`0fc3c291-cbd8-5284-af49-6d5a2997cf25`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-41151`	vulnerable	2026-06-03 14:52:51.201865	Details available An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. Published: 2023-12-14T00:00:00.000Z Updated: 2025-05-22T17:56:46.034Z Open on db.gcve.eu Reference links https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-3.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-27334`	vulnerable	2026-06-03 14:51:00.945553	Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability HIGH (7.5) Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498. Published: 2024-05-03T01:55:56.942Z Updated: 2024-08-02T12:09:43.393Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-23-1054/ https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-39823`	vulnerable	2026-06-03 14:47:51.682997	Details available An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error Published: 2022-10-20T00:00:00.000Z Updated: 2025-05-08T18:56:58.134Z Open on db.gcve.eu Reference links https://www.softing.com https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-37453`	vulnerable	2026-06-03 14:47:47.405668	Details available An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types. Published: 2022-10-20T00:00:00.000Z Updated: 2025-05-08T18:57:46.842Z Open on db.gcve.eu Reference links https://softing.com https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-42577`	vulnerable	2026-06-03 14:45:27.319384	Details available An issue was discovered in Softing OPC UA C++ SDK before 5.70. A malformed OPC/UA message abort packet makes the client crash with a NULL pointer dereference. Published: 2022-03-11T22:09:25.000Z Updated: 2024-08-04T03:38:49.370Z Open on db.gcve.eu Reference links https://softing.com https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42577.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-42262`	vulnerable	2026-06-03 14:45:27.011090	Details available An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition. Published: 2022-03-11T22:05:46.000Z Updated: 2024-08-04T03:30:38.151Z Open on db.gcve.eu Reference links https://industrial.softing.com/us/solutions/opc-and-opc-ua.html https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-42262.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-32994`	vulnerable	2026-06-03 14:44:40.673398	Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer HIGH (7.5) Softing OPC UA C++ SDK (Software Development Kit) versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locations. Published: 2022-04-04T19:45:58.000Z Updated: 2025-04-16T16:31:19.514Z Open on db.gcve.eu Reference links https://www.cisa.gov/uscert/ics/advisories/icsa-21-168-02	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Opc Ua C++ Software Development Kit

PURL mappings

Vulnerability references

Contribute