Vulnerability CVE-2023-26151
Published: 2023-10-03

Description:
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.

 References:
https://gist.github.com/artfire52/1540b234350795e0ecb4d672608dbec8
https://github.com/FreeOpcUa/opcua-asyncio/releases/tag/v0.9.96
https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-5673709
https://github.com/FreeOpcUa/opcua-asyncio/issues/1013
https://github.com/FreeOpcUa/opcua-asyncio/pull/1039
https://github.com/FreeOpcUa/opcua-asyncio/commit/f6603daa34a93a658f0e176cb0b9ee5a6643b262
Copyright 2026, cxsecurity.com

 

Back to Top