CVE-2022-2334

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
icscertCNA
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
softingedgeaggregator
3.1
softingedgeconnector
3.1
softingopc
5.2
softingsecure_integration_server
1.22
softinguagates
1.74
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04