118 matches found
Code injection
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message...
Authentication flaw
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials...
CVE-2022-29863
OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation...
CVE-2022-29864
CVE-2022-29864 affects OPC UA .NET Standard Stack version 1.04.368. The issue is Uncontrolled Resource Consumption triggered by a large number of messages, allowing a remote attacker to cause a server crash (DoS). Documented impact is partial to full availability degradation for the targeted serv...
CVE-2022-29864
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption...
CVE-2022-29862
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message...
CVE-2022-29862
CVE-2022-29862 describes an infinite loop in the OPC UA .NET Standard Stack 1.04.368 that lets a remote attacker hang the application by sending a crafted message. The Red Hat/Red Hat-affiliated entry and the OSV/NVD variants corroborate the same issue, with a CVSSv3 base score of 7.5 (high) and ...
CVE-2022-29865
The CVE-2022-29865 entry concerns the OPC UA .NET Standard Stack. The connected sources confirm a remote authentication bypass vulnerability in this stack where crafted credentials can bypass the application authentication check. The NVD entry lists an affected component (OPC UA .NET Standard Sta...
CVE-2022-29865
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials...
(Pwn2Own) OPC Foundation UA .NET Standard Improper Input Validation Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certificates. The issue results from the lack of proper...
(Pwn2Own) OPC Foundation UA .NET Standard Resource Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of message chunks. By sending a large number ...
OPC UA .NET Standard Stack 资源管理错误漏洞
NET Standard Stack is an open source C++ framework from the OPC Foundation in the United States. NET Standard Stack is an open source C++ framework from the OPC Foundation for developing and distributing OPC UA client/server applications. A security vulnerability exists in OPC UA .NET Standard...
(Pwn2Own) OPC Foundation UA .NET Standard TranslateBrowsePathsToNodeId Resource Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TranslateBrowsePathsToNodeId method. The issue results...
The vulnerability of implementations of data transfer specifications in industrial networks using OPC UA .NET Standard and OPC UA .NET Legacy lies in the uncontrolled recursion involved. This allows attackers to trigger service failures.
The vulnerability of data transmission implementations in industrial networks using OPC UA .NET Standard and OPC UA .NET Legacy is related to uncontrolled recursion. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
GHSA-MJWW-934M-H4JW Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 allows attackers to establish a connection using invalid certificates...
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...
CVE-2021-27432
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...
CVE-2021-27432
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...
Stack overflow
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow...
CVE-2021-27432
OPC Foundation UA .NET Standard and OPC UA .NET Legacy are affected by CVE-2021-27432 due to an uncontrolled recursion that can trigger a stack overflow. Affected products are OPC UA .NET Standard prior to 1.4.365.48 and OPC UA .NET Legacy. The vulnerability enables remote exploitation (network v...