← back
CVE-2021-27434

CVE-2021-27434

EPSS 1.7%CWE-200
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
20 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow.
Affected products
n/a · OPC UA Products Built with the .NET Framework 4.5, 4.0, and 3.5

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-133-04