Filtered by vendor Opcfoundation
Subscribe
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-7559 | 1 Opcfoundation | 2 Ua-.net-legacy, Ua-.netstandard | 2024-02-04 | 3.5 LOW | 5.3 MEDIUM |
An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack. | |||||
CVE-2017-17443 | 1 Opcfoundation | 1 Local Discovery Server | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configuration file is stored; however, if the configuration file is altered the LDS will be unavailable until it is repaired. | |||||
CVE-2017-11672 | 1 Opcfoundation | 1 Local Discovery Server | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges. |