Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/11/2021 Updated: 16/11/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

An issue exists in Softing Industrial Automation uaToolkit Embedded prior to 1.40. Remote malicious users to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unexpectedly because of an invalid type cast, and must be restarted.

Vulnerable Product	Search on Vulmon	Subscribe to Product
softing smartlink hw-dp
softing uatoolkit embedded

CWE-843 https://industrial.softing.com/https://industrial.softing.com/fileadmin/sof-files/pdf/ia/support/Security_Bulletin_CVE-2021-40872.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-40872

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect