Vulnerability Details CVE-2023-37572
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.6%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-37572
-
cpe:2.3:a:softing:opc:-
-
cpe:2.3:a:softing:opc:4.20.00
-
cpe:2.3:a:softing:opc:4.20.01
-
cpe:2.3:a:softing:opc:4.20.02
-
cpe:2.3:a:softing:opc:4.20.03
-
cpe:2.3:a:softing:opc:4.20.04
-
cpe:2.3:a:softing:opc:4.22.00
-
cpe:2.3:a:softing:opc:4.22.01
-
cpe:2.3:a:softing:opc:4.22.03
-
cpe:2.3:a:softing:opc:4.22.05
-
cpe:2.3:a:softing:opc:4.30.0
-
cpe:2.3:a:softing:opc:4.30.1
-
cpe:2.3:a:softing:opc:4.31.0
-
cpe:2.3:a:softing:opc:4.31.1
-
cpe:2.3:a:softing:opc:4.40.0
-
cpe:2.3:a:softing:opc:4.40.1
-
cpe:2.3:a:softing:opc:4.40.2
-
cpe:2.3:a:softing:opc:4.40.3
-
cpe:2.3:a:softing:opc:4.41.0
-
cpe:2.3:a:softing:opc:4.41.1
-
cpe:2.3:a:softing:opc:4.41.2
-
cpe:2.3:a:softing:opc:4.45.0
-
cpe:2.3:a:softing:opc:4.46.0
-
cpe:2.3:a:softing:opc:4.47.0
-
cpe:2.3:a:softing:opc:4.47.1
-
cpe:2.3:a:softing:opc:5.2