CVE-2023-27321:
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server

CVSS Score: 7.5 (CVSS v3.1)

Basic Information

EPSS Score: 0.62292%
Published: 5/5/2023
Updated: 5/8/2024
KEV Status: No
Technology: C#

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name: OPCFoundation.NetStandard.Opc.Ua.Server
Ecosystem: nuget
Vulnerable Versions: < 1.4.371.86
First Patched Version: 1.4.371.86

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability is uncontrolled resource consumption triggered through ConditionRefresh requests, which the advisory names as the attack vector. ConditionRefresh is the OPC UA Alarms and Conditions method (Part 9) that asks the server to re-send the current state of every retained condition to a given subscription, so servers implement it inside their subscription handling, and each call allocates and queues a fresh set of event notifications for that subscription. If the handler neither throttles repeated calls nor caps what a single session may have pending, a remote client, unauthenticated per the CVSS vector (PR:N), can issue refreshes faster than the notifications are published and drained, so the allocations accumulate until the server runs out of memory. The high confidence rests on the direct correlation between the documented attack vector (ConditionRefresh abuse) and this standard server architecture.
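The following is an added illustration of the failure mode described above, not code from the OPC UA .NET Standard stack or the reference server. It models a ConditionRefresh-style handler with a toy `ClientSession` and `RefreshEvent` (both invented here), shows the unbounded variant that re-queues one event per retained condition on every call, and beside it a bounded variant that rejects a refresh while one is still outstanding and caps the per-session queue. The constant `MaxPendingEvents` and the 1 KiB event size are illustrative assumptions; the page does not state the limits the patched server uses. The status code names are real OPC UA codes (Bad_RefreshInProgress from Part 9, Bad_TooManyOperations from Part 4) used here only as return strings.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical stand-in for one serialized condition event queued for a subscription (assumed 1 KiB).
public sealed class RefreshEvent
{
    public byte[] Payload { get; } = new byte[1024];
}

// Hypothetical per-client state: the publish queue and whether a refresh is still outstanding.
public sealed class ClientSession
{
    public Queue<RefreshEvent> Pending { get; } = new Queue<RefreshEvent>();
    public bool RefreshInProgress { get; set; }
}

public static class ConditionRefreshHandlers
{
    // Unbounded variant: each call re-queues one event per retained condition with no limit.
    // A client that keeps calling without ever publishing (draining) grows Pending without bound.
    public static void HandleUnbounded(ClientSession session, int retainedConditions)
    {
        for (int i = 0; i < retainedConditions; i++)
            session.Pending.Enqueue(new RefreshEvent());
    }

    // Illustrative per-session cap; the value the fix uses is not stated on this page.
    public const int MaxPendingEvents = 10_000;

    // Bounded variant: refuse a second refresh while one is outstanding, and refuse work
    // that would push the per-session queue past its cap.
    public static string HandleBounded(ClientSession session, int retainedConditions)
    {
        if (session.RefreshInProgress)
            return "Bad_RefreshInProgress";

        if (session.Pending.Count + retainedConditions > MaxPendingEvents)
            return "Bad_TooManyOperations";

        session.RefreshInProgress = true;   // cleared by Publish() once the client drains the queue
        for (int i = 0; i < retainedConditions; i++)
            session.Pending.Enqueue(new RefreshEvent());
        return "Good";
    }

    // Simulates the client's Publish service consuming the queued notifications.
    public static void Publish(ClientSession session)
    {
        session.Pending.Clear();
        session.RefreshInProgress = false;
    }
}

public static class Demo
{
    public static void Main()
    {
        const int conditions = 500;   // retained conditions visible to the subscription (constructed)
        const int requests = 1_000;   // ConditionRefresh calls sent without any intervening Publish

        var victim = new ClientSession();
        for (int i = 0; i < requests; i++)
            ConditionRefreshHandlers.HandleUnbounded(victim, conditions);
        Console.WriteLine($"unbounded: {victim.Pending.Count} events queued (~{victim.Pending.Count / 1024} MiB)");

        var hardened = new ClientSession();
        var rejected = 0;
        for (int i = 0; i < requests; i++)
            if (ConditionRefreshHandlers.HandleBounded(hardened, conditions) != "Good")
                rejected++;
        Console.WriteLine($"bounded: {hardened.Pending.Count} events queued, {rejected} requests rejected");

        // Once the client actually publishes, the next refresh is accepted again.
        ConditionRefreshHandlers.Publish(hardened);
        Console.WriteLine($"after publish: {ConditionRefreshHandlers.HandleBounded(hardened, conditions)}");
    }
}
```

Running the demo shows the unbounded handler holding 500,000 queued events (about 488 MiB of payload) for a single misbehaving session, while the bounded handler accepts the first refresh, rejects the remaining 999 with Bad_RefreshInProgress, and accepts a new refresh only after the client has published. The point is that the limit must be tied to the session's unconsumed work, not just to request rate, because a client that never publishes is what turns a legitimate service into a memory sink.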

WAF Protection Rules

WAF Rule

This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that consume all memory available to the server. https://files.opcfoundation.org/SecurityBulletins/OPC