CVE-2021-27434

Summary

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.

Affected Software

VendorProductVersion RangeStatus
n/aOPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only)affected

Weaknesses

  • CWE-200: EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200

ADP Enrichment

CVE Program Container

Additional References

References