OTPulse
FeedAboutContact

Softing OPC-UA C++ SDK

Plan Patch7.5ICS-CERT ICSA-21-168-02Jun 17, 2021
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

A remote attacker can crash applications using the Softing OPC UA C++ SDK (versions 5.59 to 5.64) by sending a specially crafted message to the publisher or subscriber protocol implementation, resulting in denial of service. The vulnerability exists in exported library functions; the impact depends on how the library is integrated into the application. Softing has released version 5.65 to address this issue and recommends customers using the publisher/subscriber protocol upgrade or disable the affected functionality.

What this means
What could happen
An attacker on the network could crash applications using the OPC UA C++ SDK, causing temporary loss of data communication between control systems and monitoring platforms. This could prevent operators from seeing live process data or issuing remote commands.
Who's at risk
Any water utility, municipality, or industrial facility using software built on Softing's OPC UA C++ SDK versions 5.59 to 5.64 for historian integration, data aggregation, or remote monitoring. This includes SCADA systems, HMI applications, and gateway devices that bridge field devices to enterprise reporting platforms.
How it could be exploited
An attacker with network access to a device running the vulnerable OPC UA C++ SDK could send a specially crafted message to the publisher or subscriber protocol implementation. This triggers a crash in the library's exported functions, severing OPC UA communication until the application restarts.
Prerequisites
  • Network access to the OPC UA port (typically 4840)
  • The device or application must be using OPC UA publisher or subscriber protocol functions from the vulnerable SDK versions
remotely exploitableno authentication requiredlow complexityaffects data availability and operator visibility
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
OPC UA C++ SDK (Software Development Kit):≥ 5.59 | ≤ 5.645.65
Remediation & Mitigation
0/4
Do now
0/2
WORKAROUNDDisable OPC UA publisher and subscriber protocol functionality if not actively used in operations
HARDENINGRestrict network access to OPC UA ports using firewall rules; only permit communication from trusted engineering and SCADA workstations
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Softing OPC UA C++ SDK to version 5.65 or later
Long-term hardening
0/1
HARDENINGIsolate control system networks from business networks and the Internet; ensure OPC UA devices are not directly Internet-accessible
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/7092c7c2-434b-4647-be58-a1c9126f9983
Softing OPC-UA C++ SDK | CVSS 7.5 - OTPulse