CVE-2023-7339 PUBLISHED

Data collection for dowloading leads into buffer overflow

Assigner: Softing
Reserved: 27.03.2026 Published: 27.03.2026 Updated: 27.03.2026

Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. This issue affects pnGate: through 1.30 epGate: through 1.30 mbGate: through 1.30 smartLink HW-DP: through 1.30 smartLink HW-PN: through 1.01.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS Score: 6.5

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	Low	Integrity Impact	None
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Softing
Product	pnGate
Versions	Default: unaffected affected from 0 to 1.30 (incl.) Version 1.34 is unaffected

Vendor	Softing
Product	epGate
Versions	Default: unaffected affected from 0 to 1.30 (incl.)

Vendor	Softing
Product	mbGate
Versions	Default: unaffected affected from 0 to 1.30 (incl.)

Vendor	Softing
Product	smartLink HW-DP
Versions	Default: unaffected affected from 0 to 1.30 (incl.) Version 1.31 is unaffected

Vendor	Softing
Product	smartLink HW-PN
Versions	Default: unaffected affected from 0 to 1.01 (incl.) Version 1.02 is unaffected

Solutions

smartLink HW-DP: fixed with 1.31 smartLink HW-PN: fixed with 1.02

References

Problem Types

CWE-121 Stack-based Buffer Overflow CWE

Impacts

CAPEC-100 Overflow Buffers