What the vulnerability does

01Description

Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).

Key dates

02Disclosure timeline

January 26, 2021 CVE published
August 4, 2024 Record updated