Opc

This hub aggregates every CVE we track for Opc, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Opc.

• CVE-2023-41151An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while soc...7.5Dec 14, 2023
• CVE-2023-37572Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could ...7.5Dec 5, 2023
• CVE-2022-39823An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error7.5Oct 20, 2022
• CVE-2022-37453An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.7.5Oct 20, 2022
• CVE-2022-2337Softing Secure Integration Server NULL Pointer Dereference7.5Aug 17, 2022
• CVE-2022-1069Softing Secure Integration Server Out-of-bounds Read7.5Aug 17, 2022
• CVE-2022-2338Softing Secure Integration Server Cleartext Transmission of Sensitive Information5.7Aug 17, 2022
• CVE-2022-2335Softing Secure Integration Server Integer Underflow7.5Aug 17, 2022
• CVE-2022-2334Softing Secure Integration Server Uncontrolled Search Path Element7.2Aug 17, 2022
• CVE-2022-1373Softing Secure Integration Server Relative Path Traversal7.2Aug 17, 2022
• CVE-2022-1748Softing Secure Integration Server NULL Pointer Dereference7.5Aug 17, 2022
• CVE-2022-2336Softing Secure Integration Server Improper Authentication9.8Aug 17, 2022
• CVE-2022-2547Softing Secure Integration Server NULL Pointer Dereference7.5Aug 17, 2022
• CVE-2021-40873An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messa...7.5Nov 10, 2021
• CVE-2021-40871An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client p...7.5Nov 10, 2021