The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.
7.8CVSS
7.6AI Score
0.0004EPSS
OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configura...
6.5CVSS
6.5AI Score
0.001EPSS
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).
7.8CVSS
7.5AI Score
0.0004EPSS