Softing

Edgeaggregator

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2025-7390

  • EPSS 0.03%
  • Veröffentlicht 21.08.2025 06:15:35
  • Zuletzt bearbeitet 22.08.2025 18:09:17

A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.

6.5

CVE-2023-39482

  • EPSS 0.17%
  • Veröffentlicht 03.05.2024 03:15:14
  • Zuletzt bearbeitet 12.08.2025 14:44:04

Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although ...

8.8

CVE-2023-38125

  • EPSS 0.66%
  • Veröffentlicht 03.05.2024 03:15:10
  • Zuletzt bearbeitet 12.08.2025 15:47:59

Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication...

7.5

CVE-2023-27336

  • EPSS 0.29%
  • Veröffentlicht 03.05.2024 02:15:10
  • Zuletzt bearbeitet 13.08.2025 00:04:00

Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authe...

9.6

CVE-2023-27335

  • EPSS 0.55%
  • Veröffentlicht 03.05.2024 02:15:10
  • Zuletzt bearbeitet 13.08.2025 00:09:13

Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit ...

7.5

CVE-2023-27334

  • EPSS 0.59%
  • Veröffentlicht 03.05.2024 02:15:10
  • Zuletzt bearbeitet 13.08.2025 00:10:16

Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authent...

7.5

CVE-2024-0860

  • EPSS 0.03%
  • Veröffentlicht 14.03.2024 21:15:50
  • Zuletzt bearbeitet 23.01.2025 19:56:53

The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.

7.2

CVE-2023-38126

  • EPSS 6.48%
  • Veröffentlicht 19.12.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 08:12:54

Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required...

7.5

CVE-2022-37453

  • EPSS 0.46%
  • Veröffentlicht 20.10.2022 21:15:10
  • Zuletzt bearbeitet 08.05.2025 19:15:52

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types.

7.5

CVE-2022-2547

  • EPSS 0.73%
  • Veröffentlicht 17.08.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:01:13

A crafted HTTP packet without a content-type header can create a denial-of-service condition in Softing Secure Integration Server V1.22.