Authentication Bypass Vulnerability in OPC UA .NET Standard Stack by OPC Foundation
CVE-2024-42512

8.6HIGH

Key Information:

Vendor: OPC Foundation
Status: OPC UA .NET Standard Stack
Vendor: CVE Published:; 10 February 2025

🔔 Create OPC Foundation Vulnerability Alert

What is CVE-2024-42512?

The OPC UA .NET Standard Stack versions prior to 1.5.374.158 are vulnerable to an authentication bypass attack when the deprecated Basic128Rsa15 security policy is enabled. Attackers exploiting this vulnerability may gain unauthorized access to application functionalities, compromising the integrity and security of the system.

References

https://files.opcfoundation.org/SecurityBulletins/OPC%20F...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2025
Vulnerability Reserved
Aug 2, 2024

CVE-2024-42512 Data

JSON