Assertion Failure in Open62541 Leading to Application Crash
CVE-2024-53429

7.5HIGH

Key Information:

Vendor

open62541

Status
Vendor
CVE Published:
21 November 2024

What is CVE-2024-53429?

The Open62541 library version 1.4.6 is affected by an assertion failure in the fuzz_binary_decode function. This flaw can lead to a crash of the application when it encounters malformed binary data, disrupting normal operation and potentially causing service downtime. Proper error handling and input validation are critical to preventing exploitation of this vulnerability.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.