PT-2023-4614 · Softing · Softing Edgeconnector Siemens
Published
2023-02-22
·
Updated
2025-08-13
·
CVE-2023-27336
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Softing edgeConnector Siemens (affected versions not specified)
Description
The issue is related to a null pointer dereference error in the handling of OPC client certificates, which can be exploited by remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. No authentication is required to exploit this issue. The problem arises from the system's failure to properly handle certain certificate requests, leading to a denial-of-service condition.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Softing Edgeconnector Siemens