Primary

Context

OPC Foundation .NET Standard Stack Authentication Bypass Vulnerability in OPC UA

Vulnerability

Patched

An authentication bypass vulnerability has been identified in the OPC UA .NET Standard Stack, affecting versions prior to 1.5.374.158. When the deprecated Basic128Rsa15 security policy is enabled, an unauthorized attacker can exploit this vulnerability to bypass application authentication. Although Basic128Rsa15 is disabled by default, this vulnerability could be a concern for applications that have explicitly enabled it.

Impact

Exploitation of this vulnerability allows for authentication bypass, potentially leading to unauthorized access or actions within the application.

Remediation

To address this vulnerability, users should disable the Basic128Rsa15 security policy. The OPC UA .NET Standard Stack has been updated to version 1.5.374.158 to resolve this issue.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OPC Foundation .NET Standard Stack Authentication Bypass Vulnerability in OPC UA

Vulnerability

Impact

Remediation

Affected Products

OPC Foundation UA-.NETStandard

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating