CVE-2021-27434

🗓️ 20 May 2021 13:42:54Reported by icscertType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 63 Views

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior are vulnerable to uncontrolled recursio

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the OPC UA Client/Server SDK Bundle for client-server applications in Unified Automation .NET allows a perpetrator to disclose protected information.	12 Apr 202200:00	–	bdu_fstec
CNNVD	Siemens SIMATIC OPC UA 信息泄露漏洞	13 May 202100:00	–	cnnvd
CNVD	Siemens SIMATIC OPC UA Information Disclosure Vulnerability	14 May 202100:00	–	cnvd
Cvelist	CVE-2021-27434	20 May 202113:42	–	cvelist
EUVD	EUVD-2021-14188	7 Oct 202500:30	–	euvd
ICS	OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5	13 May 202100:00	–	ics
NVD	CVE-2021-27434	20 May 202114:15	–	nvd
OSV	CVE-2021-27434	20 May 202114:15	–	osv
Prion	Stack overflow	20 May 202114:15	–	prion
Positive Technologies	PT-2021-6748 · Unified Automation · Unified Automation .Net Based Opc Ua Client/Server Sdk Bundle	19 Feb 202100:00	–	ptsecurity

NVD

Vulners

Node

unified-automation .net_based_opc_ua_client/server_sdkRange≤3.0.7

AND

microsoft .net_frameworkMatch3.5

microsoft .net_frameworkMatch4.0

microsoft .net_frameworkMatch4.5

[
  {
    "product": "OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only)"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-21-133-04

17 Jun 2026 03:44Current

7.4High risk

Vulners AI Score7.4

CVSS 25

CVSS 3.17.5

EPSS0.01741