CVE-2022-37012

Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server 1.7.6-537. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpcUa_SecureListener_ProcessSessionCallRequest method. A crafted OPC UA message can force the server to incorrectly update a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-16927.

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the OpcUa_SecureListener_ProcessSessionCallRequest method. A crafted OPC UA message can force the server to incorrectly update a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

*Credits: 20urdjk

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-07-28 CVE Reserved
2022-07-28 CVE Published
2024-08-03 CVE Updated
2024-10-19 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-911: Improper Update of Reference Count

CAPEC

References (2)

URL	Tag	Source
https://documentation.unified-automation.com/uasdkcpp/1.7.7/CHANGELOG.txt	Release Notes
https://www.zerodayinitiative.com/advisories/ZDI-22-1030	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Unified-automation Search vendor "Unified-automation"		Opc Ua C\+\+ Demo Server Search vendor "Unified-automation" for product "Opc Ua C\+\+ Demo Server"				1.7.6.537 Search vendor "Unified-automation" for product "Opc Ua C\+\+ Demo Server" and version "1.7.6.537"		-		Affected