CVE-2021-40872

An issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) by sending crafted messages to a OPC/UA server. The server process may crash unexpectedly because of an invalid type cast, and must be restarted.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:softing:smartlink_hw-dp:*:*:*:*:*:*:*:*
cpe:2.3:a:softing:uatoolkit_embedded:*:*:*:*:*:*:*:*

Information

Published : 2021-11-10 15:15

Updated : 2021-11-16 07:01


NVD link : CVE-2021-40872

Mitre link : CVE-2021-40872


JSON object : View

CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

Advertisement

dedicated server usa

Products Affected

softing

  • uatoolkit_embedded
  • smartlink_hw-dp