CVE-2023-39482 - Vulnerability Details - OpenCVE

Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Softing	Edgeaggregator Edgeconnector Secure Integration Server

Configuration 1 [-]

OR	cpe:2.3:a:softing:edgeaggregator::::::::
	cpe:2.3:a:softing:edgeconnector::::::::
	cpe:2.3:a:softing:secure_integration_server::::::::

No data.

References

Link	Providers
https://www.zerodayinitiative.com/advisories/ZDI-23-1064/

History

Tue, 12 Aug 2025 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Softing edgeaggregator Softing edgeconnector
Weaknesses		CWE-798
CPEs		cpe:2.3:a:softing:edgeaggregator:::::::: cpe:2.3:a:softing:edgeconnector:::::::: cpe:2.3:a:softing:secure_integration_server::::::::
Vendors & Products		Softing edgeaggregator Softing edgeconnector
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: zdi

Published: 2024-05-03T02:10:46.611Z

Updated: 2024-08-02T18:10:20.888Z

Reserved: 2023-08-02T21:37:23.125Z

Link: CVE-2023-39482

Vulnrichment

Updated: 2024-08-02T18:10:20.888Z

NVD

Status : Analyzed

Published: 2024-05-03T03:15:14.793

Modified: 2025-08-12T14:44:04.517

Link: CVE-2023-39482

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-39482", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-08-02T21:37:23.125Z", "datePublished": "2024-05-03T02:10:46.611Z", "dateUpdated": "2024-08-02T18:10:20.888Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-05-03T02:10:46.611Z"}, "title": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability", "descriptions": [{"lang": "en", "value": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610."}], "affected": [{"vendor": "Softing", "product": "Secure Integration Server", "versions": [{"version": "1.22.8686", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-321", "description": "CWE-321: Use of Hard-coded Cryptographic Key", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/", "name": "ZDI-23-1064", "tags": ["x_research-advisory"]}], "dateAssigned": "2023-08-02T16:44:31.537-05:00", "datePublic": "2023-08-09T13:05:25.885-05:00", "source": {"lang": "en", "value": "Uri Katz of Claroty Research Team82"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-18T13:33:02.875353Z", "id": "CVE-2023-39482", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-18T13:33:20.661Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:20.888Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/", "name": "ZDI-23-1064", "tags": ["x_research-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/", "name": "ZDI-23-1064", "tags": ["x_research-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:20.888Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39482", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-18T13:33:02.875353Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-18T13:33:14.586Z"}}], "cna": {"title": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability", "source": {"lang": "en", "value": "Uri Katz of Claroty Research Team82"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "Softing", "product": "Secure Integration Server", "versions": [{"status": "affected", "version": "1.22.8686"}], "defaultStatus": "unknown"}], "datePublic": "2023-08-09T13:05:25.885-05:00", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/", "name": "ZDI-23-1064", "tags": ["x_research-advisory"]}], "dateAssigned": "2023-08-02T16:44:31.537-05:00", "descriptions": [{"lang": "en", "value": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "CWE-321: Use of Hard-coded Cryptographic Key"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-05-03T02:10:46.611Z"}}}, "cveMetadata": {"cveId": "CVE-2023-39482", "state": "PUBLISHED", "dateUpdated": "2024-08-02T18:10:20.888Z", "dateReserved": "2023-08-02T21:37:23.125Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2024-05-03T02:10:46.611Z", "assignerShortName": "zdi"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:softing:edgeaggregator:*:*:*:*:*:*:*:*", "matchCriteriaId": "5ED10461-171A-4AC4-A26E-43EA002D6716", "versionEndExcluding": "3.70", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:edgeconnector:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3896509-18EA-4FCA-B96E-FC2053898665", "versionEndExcluding": "3.70", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:secure_integration_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6088DDC3-8E06-4782-8069-E3ABF8094A3D", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within libopcuaclient.so. The issue results from hardcoding crytographic keys within the product. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20610."}, {"lang": "es", "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de clave criptogr\u00e1fica codificada en el servidor de integraci\u00f3n seguro de Softing. Esta vulnerabilidad permite a atacantes remotos revelar informaci\u00f3n confidencial sobre las instalaciones afectadas de Softing Secure Integration Server. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe dentro de libopcuaclient.so. El problema se debe a la codificaci\u00f3n de claves criptogr\u00e1ficas dentro del producto. Un atacante puede aprovechar esta vulnerabilidad para revelar las credenciales almacenadas, lo que provocar\u00eda un mayor commit. Era ZDI-CAN-20610."}], "id": "CVE-2023-39482", "lastModified": "2025-08-12T14:44:04.517", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-03T03:15:14.793", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1064/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-321"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}