VYPR

Local Discovery Server

by Opcfoundation

CVEs (5)

  • CVE-2017-12069HigAug 30, 2017
    risk 0.54cvss 8.2epss 0.03

    An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1),…

  • CVE-2017-11672HigJun 13, 2018
    risk 0.51cvss 7.8epss 0.00

    The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.

  • CVE-2017-17443MedJun 13, 2018
    risk 0.42cvss 6.5epss 0.01

    OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system…

  • CVE-2022-44725Nov 17, 2022
    risk 0.00cvss epss 0.00

    OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).

  • CVE-2021-40142Aug 27, 2021
    risk 0.00cvss epss 0.03

    In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.