Softing · Softing Opc Suite · CVE-2023-37572
**Name of the Vulnerable Software and Affected Versions**
Softing OPC Suite versions 5.25 and before
**Description**
The issue is related to Incorrect Access Control, allowing attackers to obtain sensitive information via weak permissions in the OSF discovery service. This could enable changes to the service executable or deletion of the service.
**Recommendations**
For Softing OPC Suite versions 5.25 and before, consider restricting access to the OSF discovery service to minimize the risk of exploitation. As a temporary workaround, review and strengthen the permissions associated with the service to prevent unauthorized modifications or deletions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.