Vulnerability Details CVE-2021-40873
An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and must be restarted.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2021-40873
-
cpe:2.3:a:softing:datafeed_opc_suite:-
-
cpe:2.3:a:softing:datafeed_opc_suite:5.17
-
cpe:2.3:a:softing:edgeconnector:-
-
cpe:2.3:a:softing:edgeconnector:2.31
-
cpe:2.3:a:softing:opc:-
-
cpe:2.3:a:softing:opc:4.20.00
-
cpe:2.3:a:softing:opc:4.20.01
-
cpe:2.3:a:softing:opc:4.20.02
-
cpe:2.3:a:softing:opc:4.20.03
-
cpe:2.3:a:softing:opc:4.20.04
-
cpe:2.3:a:softing:opc:4.22.00
-
cpe:2.3:a:softing:opc:4.22.01
-
cpe:2.3:a:softing:opc:4.22.03
-
cpe:2.3:a:softing:opc:4.22.05
-
cpe:2.3:a:softing:opc:4.30.0
-
cpe:2.3:a:softing:opc:4.30.1
-
cpe:2.3:a:softing:opc:4.31.0
-
cpe:2.3:a:softing:opc:4.31.1
-
cpe:2.3:a:softing:opc:4.40.0
-
cpe:2.3:a:softing:opc:4.40.1
-
cpe:2.3:a:softing:opc:4.40.2
-
cpe:2.3:a:softing:opc:4.40.3
-
cpe:2.3:a:softing:opc:4.41.0
-
cpe:2.3:a:softing:opc:4.41.1
-
cpe:2.3:a:softing:opc:4.41.2
-
cpe:2.3:a:softing:opc:4.45.0
-
cpe:2.3:a:softing:opc:4.46.0
-
cpe:2.3:a:softing:opc:4.47.0
-
cpe:2.3:a:softing:opc:4.47.1
-
cpe:2.3:a:softing:opc:5.2
-
cpe:2.3:a:softing:opc:5.30
-
cpe:2.3:a:softing:opc:5.65
-
cpe:2.3:a:softing:secure_integration_server:-
-
cpe:2.3:a:softing:secure_integration_server:1.22
-
cpe:2.3:a:softing:th_scope:3.5
-
cpe:2.3:a:softing:uagates:-
-
cpe:2.3:a:softing:uagates:1.72.05
-
cpe:2.3:a:softing:uatoolkit_embedded:-
-
cpe:2.3:a:softing:uatoolkit_embedded:1.31