PT-2023-4721 · Unified Automation · Uagateway

Published 2023-02-14 · Updated 2024-05-04 · CVE-2023-41185

CVSS v3.1: 8.6 High

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Unified Automation UaGateway (affected versions not specified)

Description

The issue is related to incorrect certificate validation due to an integer overflow when processing the certificate length field. This allows a remote attacker to create a denial-of-service condition on affected installations of Unified Automation UaGateway. The flaw exists within the processing of client certificates, where the system does not properly validate user-supplied data, resulting in an integer overflow. Authentication is not required to exploit this issue.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Certificate Validation

Integer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-05147
CVE-2023-41185
ZDI-23-1286

Affected Products

Uagateway