Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27297 | 1 Honeywell | 1 Opc Ua Tunneller | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||
| CVE-2020-27295 | 1 Honeywell | 1 Opc Ua Tunneller | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||
| CVE-2020-27274 | 1 Honeywell | 1 Opc Ua Tunneller | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||
| CVE-2020-27299 | 1 Honeywell | 1 Opc Ua Tunneller | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||