ZDI-23-709: (Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability

May 17, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability.

attackers authentication exhaustion exploit opc opc ua pwn2own server service simulation vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers bluetooth code +20

ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-432: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +17

ZDI-24-431: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 3 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

Expert Global Security Solutions Specialist

@ CHS Inc. | Inver Grove Heights, MN, US, 55077-1721

View on infosec-jobs.com

Security Operations Senior Associate - Perimeter Response

@ JPMorgan Chase & Co. | Houston, TX, United States

View on infosec-jobs.com

Cybersecurity Engineer IV

@ ManTech | 203O - CustomerSite,Washington,DC

View on infosec-jobs.com

Senior Site Reliability Engineer - Security

@ Klaviyo | Boston, MA

View on infosec-jobs.com

Information Security Specialist (Cloud Security)

@ Vertiv | Philippines

View on infosec-jobs.com

Business Value Consultant

@ Sumo Logic | United States

View on infosec-jobs.com

View more jobs

all InfoSec news

ZDI-23-709: (Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability

More from www.zerodayinitiative.com / ZDI: Published Advisories

Jobs in InfoSec / Cybersecurity

Expert Global Security Solutions Specialist

Security Operations Senior Associate - Perimeter Response

Cybersecurity Engineer IV

Senior Site Reliability Engineer - Security

Information Security Specialist (Cloud Security)

Business Value Consultant