Search criteria
18 vulnerabilities found for uagateway by unified-automation
FKIE_CVE-2023-41185
Vulnerability from fkie_nvd - Published: 2024-05-03 03:15 - Updated: 2025-08-08 18:47
Severity ?
Summary
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-1286/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-1286/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0198D9C1-4354-4611-A3F3-16059270B375",
"versionEndExcluding": "1.5.13.487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de desbordamiento de enteros en el an\u00e1lisis de certificados UaGateway de Unified Automation. Esta vulnerabilidad permite a atacantes remotos crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Unified Automation UaGateway. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe en el procesamiento de certificados de clientes. Al analizar el campo de longitud del certificado, el proceso no valida correctamente los datos proporcionados por el usuario, lo que puede provocar un desbordamiento de enteros. Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio en el sistema. Era ZDI-CAN-20353."
}
],
"id": "CVE-2023-41185",
"lastModified": "2025-08-08T18:47:48.833",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-03T03:15:28.230",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32174
Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-08 14:17
Severity ?
Summary
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
. Was ZDI-CAN-20577.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80148EAB-1981-4C32-8580-19D024E5305C",
"versionEndExcluding": "1.5.14.495",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-20577."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Use-After-Free de Unified Automation UaGateway NodeManagerOpcUa. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Unified Automation UaGateway. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad cuando el producto est\u00e1 en su configuraci\u00f3n predeterminada. La falla espec\u00edfica existe en el manejo de objetos NodeManagerOpcUa. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-20577."
}
],
"id": "CVE-2023-32174",
"lastModified": "2025-08-08T14:17:55.037",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T02:15:23.107",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32171
Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-08 14:16
Severity ?
Summary
Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0198D9C1-4354-4611-A3F3-16059270B375",
"versionEndExcluding": "1.5.13.487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de desreferencia de puntero nulo del servidor UaGateway OPC UA de Unified Automation. Esta vulnerabilidad permite a atacantes remotos crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Unified Automation UaGateway. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del m\u00e9todo ImportCsv. un payload XML manipulada puede provocar una desreferencia del puntero nulo. Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio en el sistema. Era ZDI-CAN-20495."
}
],
"id": "CVE-2023-32171",
"lastModified": "2025-08-08T14:16:38.933",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T02:15:22.593",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32172
Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-08 14:17
Severity ?
Summary
Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0198D9C1-4354-4611-A3F3-16059270B375",
"versionEndExcluding": "1.5.13.487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de Use-After-Free del servidor UaGateway OPC UA de Unified Automation. Esta vulnerabilidad permite a atacantes remotos crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Unified Automation UaGateway. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe en la implementaci\u00f3n de la funci\u00f3n ImportXML. El problema surge de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones sobre \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio en el sistema. Era ZDI-CAN-20497."
}
],
"id": "CVE-2023-32172",
"lastModified": "2025-08-08T14:17:00.330",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T02:15:22.773",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32173
Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-08 14:17
Severity ?
Summary
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system.
. Was ZDI-CAN-20576.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80148EAB-1981-4C32-8580-19D024E5305C",
"versionEndExcluding": "1.5.14.495",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. \n. Was ZDI-CAN-20576."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de inyecci\u00f3n XML de Unified Automation UaGateway AddServer. Esta vulnerabilidad permite a atacantes remotos crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Unified Automation UaGateway. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad cuando el producto est\u00e1 en su configuraci\u00f3n predeterminada. La falla espec\u00edfica existe en la implementaci\u00f3n del m\u00e9todo AddServer. Al especificar argumentos manipulados, un atacante puede provocar que se inserten caracteres no v\u00e1lidos en un archivo de configuraci\u00f3n XML. Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio persistente en el sistema. Era ZDI-CAN-20576."
}
],
"id": "CVE-2023-32173",
"lastModified": "2025-08-08T14:17:43.463",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 4.0,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T02:15:22.940",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-91"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-32170
Vulnerability from fkie_nvd - Published: 2024-05-03 02:15 - Updated: 2025-08-08 14:10
Severity ?
Summary
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.
The specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| unified-automation | uagateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0198D9C1-4354-4611-A3F3-16059270B375",
"versionEndExcluding": "1.5.13.487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.\n\nThe specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de validaci\u00f3n de entrada incorrecta del servidor UaGateway OPC UA de Unified Automation. Esta vulnerabilidad permite a atacantes remotos crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Unified Automation UaGateway. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe elegir aceptar un certificado de cliente. La falla espec\u00edfica existe en el procesamiento de certificados de clientes. El problema se debe a la falta de validaci\u00f3n adecuada de los datos del certificado. Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio en el sistema. Era ZDI-CAN-20494."
}
],
"id": "CVE-2023-32170",
"lastModified": "2025-08-08T14:10:59.573",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T02:15:22.410",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
CVE-2023-41185 (GCVE-0-2023-41185)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:11 – Updated: 2024-08-02 18:54
VLAI?
Summary
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353.
Severity ?
8.6 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T17:02:29.855587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:32:43.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:04.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1286",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12"
}
]
}
],
"dateAssigned": "2023-08-24T14:26:26.679-05:00",
"datePublic": "2023-08-30T15:13:33.619-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:11:46.261Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1286",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-41185",
"datePublished": "2024-05-03T02:11:46.261Z",
"dateReserved": "2023-08-24T19:16:24.557Z",
"dateUpdated": "2024-08-02T18:54:04.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32173 (GCVE-0-2023-32173)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
VLAI?
Summary
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system.
. Was ZDI-CAN-20576.
Severity ?
5.8 (Medium)
CWE
- CWE-91 - XML Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
UaGateway 1.5.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:41:33.314153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:41:50.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-779",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "UaGateway 1.5.13"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.168-05:00",
"datePublic": "2023-05-31T18:59:24.397-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. \n. Was ZDI-CAN-20576."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91: XML Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:28:27.222Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-779",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32173",
"datePublished": "2024-05-03T01:56:50.124Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-09-18T18:28:27.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32174 (GCVE-0-2023-32174)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
VLAI?
Summary
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
. Was ZDI-CAN-20577.
Severity ?
9.1 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
UaGateway 1.5.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"lessThan": "1.5.14.495",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T17:33:02.989364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:30:43.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-780",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "UaGateway 1.5.13"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.194-05:00",
"datePublic": "2023-05-31T18:59:29.851-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-20577."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:28:27.941Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-780",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32174",
"datePublished": "2024-05-03T01:56:50.852Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-09-18T18:28:27.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32172 (GCVE-0-2023-32172)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497.
Severity ?
6.5 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T16:00:50.859225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T16:00:56.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-777",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.162-05:00",
"datePublic": "2023-05-31T18:59:09.188-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:49.400Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-777",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32172",
"datePublished": "2024-05-03T01:56:49.400Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-08-02T15:10:23.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32171 (GCVE-0-2023-32171)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495.
Severity ?
6.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12.482:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T18:14:06.144787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:43:35.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-776",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.155-05:00",
"datePublic": "2023-05-31T18:59:01.474-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:48.684Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-776",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32171",
"datePublished": "2024-05-03T01:56:48.684Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-08-02T15:10:23.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32170 (GCVE-0-2023-32170)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.
The specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494.
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12.482:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32170",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T14:21:35.494739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:33:07.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-775",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.148-05:00",
"datePublic": "2023-05-31T18:58:55.758-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.\n\nThe specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:47.972Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-775",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "\u0110\u1ed7 Minh Tu\u1ea5n (@tuanit96) and Tran Van Khang (@khangkito) of STAR Labs SG Pte. Ltd."
},
"title": "Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32170",
"datePublished": "2024-05-03T01:56:47.972Z",
"dateReserved": "2023-05-03T20:10:47.063Z",
"dateUpdated": "2024-08-02T15:10:23.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41185 (GCVE-0-2023-41185)
Vulnerability from nvd – Published: 2024-05-03 02:11 – Updated: 2024-08-02 18:54
VLAI?
Summary
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353.
Severity ?
8.6 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T17:02:29.855587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:32:43.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:04.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1286",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12"
}
]
}
],
"dateAssigned": "2023-08-24T14:26:26.679-05:00",
"datePublic": "2023-08-30T15:13:33.619-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:11:46.261Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1286",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1286/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-41185",
"datePublished": "2024-05-03T02:11:46.261Z",
"dateReserved": "2023-08-24T19:16:24.557Z",
"dateUpdated": "2024-08-02T18:54:04.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32173 (GCVE-0-2023-32173)
Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
VLAI?
Summary
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system.
. Was ZDI-CAN-20576.
Severity ?
5.8 (Medium)
CWE
- CWE-91 - XML Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
UaGateway 1.5.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:41:33.314153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:41:50.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-779",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "UaGateway 1.5.13"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.168-05:00",
"datePublic": "2023-05-31T18:59:24.397-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. \n. Was ZDI-CAN-20576."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91: XML Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:28:27.222Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-779",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-779/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32173",
"datePublished": "2024-05-03T01:56:50.124Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-09-18T18:28:27.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32174 (GCVE-0-2023-32174)
Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
VLAI?
Summary
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
. Was ZDI-CAN-20577.
Severity ?
9.1 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
UaGateway 1.5.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"lessThan": "1.5.14.495",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T17:33:02.989364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:30:43.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-780",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "UaGateway 1.5.13"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.194-05:00",
"datePublic": "2023-05-31T18:59:29.851-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-20577."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:28:27.941Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-780",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-780/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32174",
"datePublished": "2024-05-03T01:56:50.852Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-09-18T18:28:27.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32172 (GCVE-0-2023-32172)
Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497.
Severity ?
6.5 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T16:00:50.859225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T16:00:56.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-777",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.162-05:00",
"datePublic": "2023-05-31T18:59:09.188-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the ImportXML function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20497."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:49.400Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-777",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-777/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"title": "Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32172",
"datePublished": "2024-05-03T01:56:49.400Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-08-02T15:10:23.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32171 (GCVE-0-2023-32171)
Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495.
Severity ?
6.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12.482:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T18:14:06.144787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:43:35.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-776",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.155-05:00",
"datePublic": "2023-05-31T18:59:01.474-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ImportCsv method. A crafted XML payload can cause a null pointer dereference. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20495."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:48.684Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-776",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-776/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "Axel \u00270vercl0k\u0027 Souchet of https://doar-e.github.io/"
},
"title": "Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32171",
"datePublished": "2024-05-03T01:56:48.684Z",
"dateReserved": "2023-05-03T20:10:47.065Z",
"dateUpdated": "2024-08-02T15:10:23.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32170 (GCVE-0-2023-32170)
Vulnerability from nvd – Published: 2024-05-03 01:56 – Updated: 2024-08-02 15:10
VLAI?
Summary
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.
The specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494.
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unified Automation | UaGateway |
Affected:
1.5.12.482
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unified-automation:uagateway:1.5.12.482:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "uagateway",
"vendor": "unified-automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32170",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T14:21:35.494739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:33:07.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-775",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "UaGateway",
"vendor": "Unified Automation",
"versions": [
{
"status": "affected",
"version": "1.5.12.482"
}
]
}
],
"dateAssigned": "2023-05-03T15:16:43.148-05:00",
"datePublic": "2023-05-31T18:58:55.758-05:00",
"descriptions": [
{
"lang": "en",
"value": "Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this vulnerability in that the target must choose to accept a client certificate.\n\nThe specific flaw exists within the processing of client certificates. The issue results from the lack of proper validation of certificate data. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20494."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:47.972Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-775",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-775/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://documentation.unified-automation.com/uagateway/1.5.14/CHANGELOG.txt"
}
],
"source": {
"lang": "en",
"value": "\u0110\u1ed7 Minh Tu\u1ea5n (@tuanit96) and Tran Van Khang (@khangkito) of STAR Labs SG Pte. Ltd."
},
"title": "Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32170",
"datePublished": "2024-05-03T01:56:47.972Z",
"dateReserved": "2023-05-03T20:10:47.063Z",
"dateUpdated": "2024-08-02T15:10:23.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}