Vulnerability Description
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.
CVSS Score
4.4
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opcfoundation | Ua-.Netstandard | < 1.4.365.10 |
Related Weaknesses (CWE)
References
- https://github.com/OPCFoundation/UA-.NETStandardThird Party Advisory
- https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20BulletPatchVendor Advisory
- https://www.nuget.org/packages/OPCFoundation.NetStandard.Opc.Ua/ProductThird Party Advisory
- https://github.com/OPCFoundation/UA-.NETStandardThird Party Advisory
- https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20BulletPatchVendor Advisory
- https://www.nuget.org/packages/OPCFoundation.NetStandard.Opc.Ua/ProductThird Party Advisory
FAQ
What is CVE-2020-29457?
CVE-2020-29457 is a vulnerability with a CVSS score of 4.4 (MEDIUM). A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.
How severe is CVE-2020-29457?
CVE-2020-29457 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-29457?
Check the references section above for vendor advisories and patch information. Affected products include: Opcfoundation Ua-.Netstandard.