Lucene search
Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon BrizinovZDI-23-548HistoryMay 04, 2023 - 12:00 a.m.
(Pwn2Own) OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
2023-05-0400:00:00
Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov
www.zerodayinitiative.com
16
pwn2own
opc foundation
ua .net standard
conditionrefresh
resource exhaustion
denial-of-service
vulnerability
remote attackers
authentication
opc ua
requests
available resources
attack
system
EPSS
0.001
Percentile
16.2%
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
cve
cve
CVE-2023-27321
2024-05-07 23:15:15
CVE-2023-52891
2024-07-09 12:15:11
github
github
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
2023-05-05 02:19:39
veracode
veracode
Denial Of Services (DoS)
2023-05-10 04:55:56
osv
osv
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
2023-05-05 02:19:39
nvd
nvd
CVE-2023-27321
2024-05-07 23:15:15
CVE-2023-52891
2024-07-09 12:15:11
cvelist
cvelist
CVE-2023-27321 OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
2024-05-07 22:55:01
CVE-2023-52891
2024-07-09 12:04:42
vulnrichment
vulnrichment
CVE-2023-27321 OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
2024-05-07 22:55:01
CVE-2023-52891
2024-07-09 12:04:42
ics
ics
Siemens SIMATIC and SIMIT
2024-07-11 12:00:00
Siemens TIM 1531 IRC
2024-06-13 12:00:00