Integer Overflow Vulnerability in OPC UA Implementations Could Cause Denial of Service

Integer Overflow Vulnerability in OPC UA Implementations Could Cause Denial of Service

CVE-2023-28831 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

Learn more about our Web Application Penetration Testing UK.