CVE-2023-27321
published 2024-05-07CVE-2023-27321: OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a…
PriorityP342high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
1.06%
60.3th percentile
OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opcfoundation | ua_netstandard | < 1.4.371.86 | 1.4.371.86 |
| siemens | simatic_energy_manager_basic | < V7.5 | V7.5 |
| siemens | simatic_energy_manager_pro | < V7.5 | V7.5 |
| siemens | simatic_ipc_diagbase | < * | * |
| siemens | simatic_ipc_diagmonitor | < * | * |
| siemens | simit_v10 | < * | * |
| siemens | simit_v11 | < V11.1 | V11.1 |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ghsa7.5HIGH
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gccj-rgh5-5x96: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7
ghsa_unreviewed·2024-07-09·CVSS 7.5
CVE-2023-52891 [HIGH] CWE-1325 GHSA-gccj-rgh5-5x96: A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMIT V10 (All versions), SIMIT V11 (All versions < V11.1). Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in Siemens products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the server.
OSV
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
osv·2023-05-05·CVSS 7.5
CVE-2023-27321 [HIGH] Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows
remote attackers to send malicious requests that consume all memory available to the server.
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf
GHSA
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
ghsa·2023-05-05·CVSS 7.5
CVE-2023-27321 [HIGH] CWE-400 Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows
remote attackers to send malicious requests that consume all memory available to the server.
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf
CISA ICS
Siemens SIMATIC and SIMIT
cisa_ics·2024-07-11·CVSS 7.5
[HIGH] Siemens SIMATIC and SIMIT
ICS Advisory
##
Siemens SIMATIC and SIMIT
Release DateJuly 11, 2024
Alert CodeICSA-24-193-07
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 5.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIMIT
- Vulnerability: Improperly Controlled Sequential Memory Allocation
## 2. RISK EVALUATION
Successful exploitation of t
CISA ICS
Siemens TIM 1531 IRC
cisa_ics·2024-06-13·CVSS 5.5
[MEDIUM] Siemens TIM 1531 IRC
ICS Advisory
##
Siemens TIM 1531 IRC
Release DateJune 13, 2024
Alert CodeICSA-24-165-06
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIPLUS TIM 1531 IRC
- Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Inadequate Encryption Strength, Double Free, Missing
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdfhttps://www.zerodayinitiative.com/advisories/ZDI-23-548/https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdfhttps://www.zerodayinitiative.com/advisories/ZDI-23-548/
2024-05-07
Published