CVE-2024-25075

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

02/04/2024

Last modified:

03/04/2024

Description

An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription with a very low MaxNotificationPerPublish parameter is created, a publish response is mishandled, leading to memory consumption. When that happens often enough, the device will be out of memory, i.e., a denial of service.

Impact

References to Advisories, Solutions, and Tools

https://industrial.softing.com/fileadmin/psirt/downloads/2024/syt-2024-2.html