An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted.
References
Link | Resource |
---|---|
https://industrial.softing.com/ | Vendor Advisory |
https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin-CVE-2021-40871.pdf | Vendor Advisory |
https://industrial.softing.com/ | Vendor Advisory |
https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin-CVE-2021-40871.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://industrial.softing.com/ - Vendor Advisory | |
References | () https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin-CVE-2021-40871.pdf - Vendor Advisory |
16 Nov 2021, 14:47
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
References | (MISC) https://industrial.softing.com/ - Vendor Advisory | |
References | (MISC) https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin-CVE-2021-40871.pdf - Vendor Advisory | |
CPE | cpe:2.3:a:softing:datafeed_opc_suite:*:*:*:*:*:*:*:* cpe:2.3:a:softing:th_scope:*:*:*:*:*:*:*:* cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:* cpe:2.3:a:softing:secure_integration_server:*:*:*:*:*:*:*:* |
|
CWE | CWE-843 |
11 Nov 2021, 01:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-10 23:15
Updated : 2024-11-21 06:24
NVD link : CVE-2021-40871
Mitre link : CVE-2021-40871
CVE.ORG link : CVE-2021-40871
JSON object : View
Products Affected
softing
- datafeed_opc_suite
- th_scope
- secure_integration_server
- opc
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')