Known Vulnerabilities for products from Opcfoundation
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Opcfoundation".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40142 | In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by s... | 7.5 - HIGH | 2021-08-27 | 2022-09-03 |
| CVE-2021-27432 | OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursi... | 7.5 - HIGH | 2021-05-20 | 2021-06-01 |
| CVE-2020-29457 | A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a ... | 4.4 - MEDIUM | 2021-02-16 | 2021-03-26 |
| CVE-2020-8867 | This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundatio... | 7.5 - HIGH | 2020-04-22 | 2020-04-29 |
| CVE-2019-19135 | In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundatio... | 7.4 - HIGH | 2020-03-16 | 2021-07-21 |
| CVE-2018-12585 | An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. | 8.2 - HIGH | 2018-09-14 | 2018-11-27 |
| CVE-2018-12087 | Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers wit... | 5.3 - MEDIUM | 2018-10-03 | 2019-01-14 |
| CVE-2018-12086 | Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests... | 7.5 - HIGH | 2018-09-14 | 2020-08-24 |
| CVE-2018-7559 | An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy... | 5.3 - MEDIUM | 2018-06-13 | 2019-06-10 |
| CVE-2017-17443 | OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allo... | 6.5 - MEDIUM | 2018-06-13 | 2018-08-08 |
| CVE-2017-12070 | Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. | 8.8 - HIGH | 2018-06-14 | 2018-08-07 |
| CVE-2017-11672 | The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quote... | 7.8 - HIGH | 2018-06-13 | 2018-08-07 |
Known software with vulnerabilities from Opcfoundation
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opcfoundation | Local Discovery Server | 1.03.355 |
| Application | Opcfoundation | Netstandard.opc.ua | 1.4.355.26 |
| Application | Opcfoundation | Ua-.net-legacy | 1.02.336 |
| Application | Opcfoundation | Ua-.netstandard | 1.03.350 |
| Application | Opcfoundation | Ua-java | 1.02.337.8 |
| Application | Opcfoundation | Unified Architecture-.net-legacy | 1.02.336 |
| Application | Opcfoundation | Unified Architecture .net-standard | 1.03.350 |
| Application | Opcfoundation | Unified Architecture Ansic | 1.03.340 |
| Application | Opcfoundation | Unified Architecture-java | 1.02.337.8 |