First published: Thu Jun 16 2022(Updated: )
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opcfoundation Ua .net Standard Stack | <1.4.368.58 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-29864 is a vulnerability in OPC UA .NET Standard Stack 1.04.368 that allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
The severity of CVE-2022-29864 is high with a CVSS score of 7.5.
OPC UA .NET Standard Stack version up to and excluding 1.04.368.58 is affected by CVE-2022-29864.
A remote attacker can exploit CVE-2022-29864 by sending a large number of messages to the server, triggering Uncontrolled Resource Consumption and causing the server to crash.
You can find more information about CVE-2022-29864 in the OPC Foundation Security Bulletin (https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29864.pdf) and on the OPC Foundation security page (https://opcfoundation.org/security/).