CVE-2023-28831

CVSS V2 None CVSS V3 None

Description

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

Overview

CVE ID
CVE-2023-28831

Assigner
siemens

Vulnerability Status
PUBLISHED

Published Version
2023-09-12T09:32:06.153Z

Last Modified Date
2024-06-11T14:19:48.741Z

Weakness Enumerations

CWE	URL
CWE-190	http://cwe.mitre.org/data/definitions/190.html

References

Reference URL	Reference Tags
https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf
https://cert-portal.siemens.com/productcert/html/ssa-711309.html
https://cert-portal.siemens.com/productcert/html/ssa-118850.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-28831
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28831

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 10:54:06				Added to TrackCVE