PT-2021-6746 · Opc Foundation · Opc Foundation Ua .Net Standard+1

Eran Jacob

Published

2021-02-19

Updated

2021-06-01

CVE-2021-27432

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions OPC Foundation UA .NET Standard versions prior to 1.4.365.48 OPC UA .NET Legacy

Description The issue is related to an uncontrolled recursion in the OPC UA .NET Standard and OPC UA .NET Legacy implementations, which may allow an attacker to trigger a stack overflow, potentially leading to a denial of service. This could be exploited by a remote attacker.

Recommendations For OPC Foundation UA .NET Standard versions prior to 1.4.365.48, update to version 1.4.365.48 or later to resolve the issue. For OPC UA .NET Legacy, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

BDU:2022-02135

CVE-2021-27432

Affected Products

Opc Foundation Ua .Net Standard

Opc Ua .Net Legacy

PT-2021-6746 · Opc Foundation · Opc Foundation Ua .Net Standard+1

CVE-2021-27432

Weakness Enumeration

Related Identifiers

Affected Products

References · 9