CVE-2022-39823
HIGHSofting OPC UA C++ SDK 5.66-6.x - Use-After-Free via OPC/UA Browse Request Continuation Points
Title source: llmDescription
An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error
References (2)
Core 2
Core References
Mitigation, Vendor Advisory
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-8.html
Vendor Advisory
https://www.softing.com
Scores
CVSS v3
7.5
EPSS
0.0063
EPSS Percentile
45.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (2)
softing/opc
5.20 - 5.22
softing/opc_ua_c\+\+_software_development_kit
5.70 - 6.00
Published
Oct 20, 2022
Tracked Since
Feb 18, 2026