Vulnerability Description
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opcfoundation | Ua-.Net-Legacy | - |
| Opcfoundation | Ua .Net Standard Stack | < 1.4.365.48 |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-133-03Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-21-133-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-27432?
CVE-2021-27432 is a vulnerability with a CVSS score of 7.5 (HIGH). OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.
How severe is CVE-2021-27432?
CVE-2021-27432 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27432?
Check the references section above for vendor advisories and patch information. Affected products include: Opcfoundation Ua-.Net-Legacy, Opcfoundation Ua .Net Standard Stack.