Design/Logic Flaw

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...

CVE-2022-26026

CVE-2022-26026 describes a denial-of-service in Open Automation Software OAS Platform V16.00.0112, specifically in the OAS Engine SecureConfigValues functionality. A specially crafted unauthenticated network message can trigger a change to the TCP configuration port, potentially causing the platf...

Open Automation Software Platform Engine SecureAddUser External config control vulnerability

Summary An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests t...

PT-2022-17638 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 16.00.0112 Description: A denial of service issue exists in the OAS Engine SecureConfigValues functionality. It can be triggered by a specially-crafted network request, leading to a loss of...