CVE-2022-37453

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:edgeconnector:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:secure_integration_server:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:uagates:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:15

Type Values Removed Values Added
References () https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html - Mitigation, Vendor Advisory () https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html - Mitigation, Vendor Advisory
References () https://softing.com - Vendor Advisory () https://softing.com - Vendor Advisory

25 Oct 2022, 19:35

Type Values Removed Values Added
CPE cpe:2.3:a:softing:edgeconnector:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:uagates:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:secure_integration_server:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:*:*:*:*:*:*:*:*
References (MISC) https://softing.com - (MISC) https://softing.com - Vendor Advisory
References (MISC) https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html - (MISC) https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-9.html - Mitigation, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-787

20 Oct 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-20 21:15

Updated : 2024-11-21 07:15


NVD link : CVE-2022-37453

Mitre link : CVE-2022-37453

CVE.ORG link : CVE-2022-37453


JSON object : View

Products Affected

softing

  • opc_ua_c\+\+_software_development_kit
  • edgeaggregator
  • uagates
  • edgeconnector
  • opc
  • secure_integration_server
CWE
CWE-787

Out-of-bounds Write