CVE-2024-42513

Published: Feb 10, 2025Modified: Oct 2, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints.

Affected (1)

Products: Opcfoundation: Ua .net Standard Stack

Opcfoundation

1 product

Ua .net Standard Stack

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opcfoundation Ua .net Standard Stack	Before 1.5.374.158

Related CWEs

CWE-305

Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

References (1)

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-42513.pdf

Source: cve@mitre.org

Vendor Advisory

Timeline

No history available yet.