HIGH🇵🇱 Wersja polska

CVE-2021-27434

CVSS 7.5v3.1pub. 2021-05-20upd. 2024-11-21

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Microsoft .net Framework

    APP
    Microsoft
    3.54.04.5
  • Unified Automation .net Based Opc Ua Client\/server Sdk

    APP
    Unified-Automation
    ≤ 3.0.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-0646CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2024-0057CRITICAL9.1PL ✓ten sam produkt

Podatność omijania funkcji bezpieczeństwa w .NET, .NET Framework i Visual Studio

CVE-2018-8540CRITICAL9.8ten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2018-8421CRITICAL9.8ten sam produkt

A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NE...

CVE-2016-0132CRITICAL9.8ten sam produkt

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation f...