Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code.
8.8CVSS
8.6AI Score
0.002EPSS
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
5.3CVSS
5.2AI Score
0.001EPSS
An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service.
8.2CVSS
7.6AI Score
0.002EPSS
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending care...
5.3CVSS
5.3AI Score
0.002EPSS
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.
7.5CVSS
7.4AI Score
0.001EPSS