CVE-2023-29377

Name of the Vulnerable Software and Affected Versions Softing OPC UA C++ SDK versions (affected versions not specified) Softing Secure Integration Server versions (affected versions not specified)

Description The issue is related to the incorrect restriction of a directory path name with limited access in the implementation of OPC UA methods in the Softing OPC UA C++ SDK and the Secure Integration Server data integration tool. This can allow a remote attacker to execute arbitrary code by exploiting the vulnerability.

Recommendations For Softing OPC UA C++ SDK, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Softing Secure Integration Server, at the moment, there is no information about a newer version that contains a fix for this vulnerability.