Softing Industrial Automation OPC (ICSA-20-210-02)

CISA has published an advisory on heap-based buffer overflow and uncontrolled resource consumption vulnerabilities in Softing Industrial Automation OPC. All versions prior to the latest build of 4.47.0 are affected. Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code execution. Softing Industrial Automation has released an update to mitigate the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.