CVE-2019-13542

Name of the Vulnerable Software and Affected Versions 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server versions 3.5.11.0 through 3.5.15.0

Description The issue allows an attacker to send crafted requests from a trusted OPC UA client, causing a NULL pointer dereference. This may trigger a denial-of-service condition.

Recommendations For versions 3.5.11.0 through 3.5.15.0, consider restricting access to trusted OPC UA clients to minimize the risk of exploitation. As a temporary workaround, review the server's configuration to ensure that only necessary clients have access, until a patch is available.