In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
2021-08-27T07:15:08.630
2024-11-21T06:23:38.860
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | opcfoundation | local_discover_server | < 1.04.402.463 | Yes |
| Operating System | siemens | simatic_process_historian_opc_ua_server_firmware | < 2022 | Yes |
| Operating System | siemens | simatic_process_historian_opc_ua_server_firmware | 2022 | Yes |
| Hardware | siemens | simatic_process_historian_opc_ua_server | - | No |
| Application | siemens | simatic_net_pc | 14 | Yes |
| Application | siemens | simatic_net_pc | 15 | Yes |
| Application | siemens | simatic_net_pc | 16 | Yes |
| Application | siemens | simatic_net_pc | 17 | Yes |
| Application | siemens | simatic_wincc | - | Yes |
| Application | siemens | simatic_wincc_runtime | - | Yes |
| Application | siemens | simatic_wincc_unified_scada_runtime | - | Yes |
| Application | siemens | telecontrol_server_basic | 3.0 | Yes |