Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ocpfoundation Subscribe
Filtered by product Ua .net
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12069 2 Ocpfoundation, Siemens 4 Local Discovery Server, Ua .net, Simatic Pcs7 and 1 more 2017-10-05 6.4 MEDIUM 8.2 HIGH
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.