CVE-2023-39480

Name of the Vulnerable Software and Affected Versions Softing Secure Integration Server (affected versions not specified)

Description This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists within the handling of FileDirectory OPC UA Objects, resulting from unauthorized access to the filesystem. An attacker can leverage this, potentially in conjunction with other issues, to execute arbitrary code in the context of root.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.