Fluid Attacks Database

Description

OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability A buffer-management vulnerability in OPC Foundation OPCFoundation.NetStandard.Opc.Ua.Core before 1.5.374.54 could allow remote attackers to exhaust memory resources. It is triggered when the system receives an excessive number of messages from a remote source. This could potentially lead to a denial of service (DoS) condition, disrupting the normal operation of the system.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
nuget	opcfoundation.netstandard.opc.ua.core	>=0 <1.5.374.54	1.5.374.54

Aliases

1. CVE-2024-338622. NVD-2024-338623. OSV-2024-338624. GCVE-2024-33862

References

1. https://github.com/OPCFoundation/UA-.NETStandard/commit/52d4492ccc928f128e7a38857fdf58d94e1e652b2. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-33862.pdf3. https://github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.5.374.54

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.