First published: Mon May 15 2023(Updated: )
The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opcfoundation Ua Java Legacy | <2023-04-28 | |
Prosysopc Ua Historian | <1.2.0 | |
Prosysopc Ua Modbus Server | <1.4.20 | |
Prosysopc Ua Simulation Server | <5.4.2 |
https://github.com/OPCFoundation/UA-Java-Legacy/commit/6f176f2b445a27c157f1a32f225accc9ce8873c0
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32787 is a vulnerability in the OPC UA Legacy Java Stack that allows an attacker to block OPC UA server applications by consuming excessive resources.
CVE-2023-32787 can cause OPC UA server applications to become unresponsive, preventing them from serving client applications.
CVE-2023-32787 has a severity rating of 7.5 (high).
To mitigate CVE-2023-32787, it is recommended to update to version 6f176f2 or later of the OPC UA Legacy Java Stack.
More information about CVE-2023-32787 can be found in the OPC Foundation Security Bulletin and the related GitHub repositories.