CVE-2021-32994

Name of the Vulnerable Software and Affected Versions Softing OPC UA C++ SDK versions 5.59 through 5.64

Description The issue arises from the exported library functions in the Softing OPC UA C++ SDK not properly validating received extension objects. This may allow an attacker to crash the software by sending specially crafted packets to access unexpected memory locations.

Recommendations For versions 5.59 through 5.64, consider restricting access to the exported library functions until a patch is available. As a temporary workaround, avoid using the received extension objects in the affected library functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.