8 matches found
Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.10. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.10 advisory. - In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was...
[SECURITY] Fedora 42 Update: qt6-qtopcua-6.9.1-1.fc42
Qt OPC UA API provides classes and functions to access the OPC UA protocol...
Fedora: Security Advisory for qt6-qtopcua (FEDORA-2024-bfb8617ba3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial of Service (DoS)
Overview opcua is an OPC UA server / client API implementation for Rust. Affected versions of this package are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit thi...
Siemens OPC UA Protocol Stack Discovery Service (Update E)
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Vulnerabilities: Improper restriction of XML external entity reference 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...
Siemens Industrial Products with OPC UA Denial of Service Vulnerability
Siemens is a leading global technology company providing solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drives and software through innovations in electrification, automation and digitalization. A denial of service...
OPC UA security analysis
This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems...
Siemens industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update B)
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference UPDATE INFORMATION This update...