Medium severity5.3NVD Advisory· Published Oct 22, 2024· Updated Apr 15, 2026

CVE-2024-45526

Description

An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
OPCFoundation.NetStandard.Opc.UaNuGet	< 1.5.374.118	1.5.374.118
OPCFoundation.NetStandard.Opc.Ua.CoreNuGet	< 1.5.374.118	1.5.374.118

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-7vfh-cqpc-4267ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-45526ghsaADVISORY
files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2024-45526.pdfnvdWEB
github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-7vfh-cqpc-4267ghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000