CVE-2022-1373

HIGH

Softing Secure Integration Server v1.22 Remote Code Execution

Title source: metasploit

Description

The "restore configuration" feature of Softing Secure Integration Server V1.22 is vulnerable to directory traversal when processing zip files. An attacker can craft a zip file to load an arbitrary DLL and execute code. Using the "restore configuration" feature to upload a zip file containing a path traversal file may cause a file to be created and executed upon touching the disk.

Exploits (1)

metasploit WORKING POC EXCELLENT
by Chris Anastasio (muffin) of Incite Team, Steven Seeley (mr_me) of Incite Team · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/softing_sis_rce.rb

Scores

CVSS v3 7.2
EPSS 0.6858
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22 CWE-23
Status published
Products (6)
softing/edgeaggregator 3.1
softing/edgeconnector 3.1
softing/opc 5.2
softing/opc_ua_c++_software_development_kit 6
softing/secure_integration_server 1.22
softing/uagates 1.74
Published Aug 17, 2022
Tracked Since Feb 18, 2026