Unrated severityNVD Advisory· Published Aug 17, 2022· Updated Apr 16, 2025

Softing Secure Integration Server Improper Authentication

CVE-2022-2336

Description

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as admin and password as admin. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the admin password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required.

Affected products

Softx/Edgeconnector Modbusv5
Range: V3.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.htmlmitrex_refsource_CONFIRM
www.cisa.gov/uscert/ics/advisories/icsa-22-228-04mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000