How severe is CVE-2022-37012?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2022-37012?

This is classified as CWE-911, which is a common weakness in software security.

CVE-2022-37012 - HIGH Severity | CVSS 7.5

Vulnerability Description

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server 1.7.6-537. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpcUa_SecureListener_ProcessSessionCallRequest method. A crafted OPC UA message can force the server to incorrectly update a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-16927.

Related Vulnerabilities

CVE-2022-1678

HIGH

CVSS:7.5(High)

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

CWE-9112022

CVE-2022-22195

HIGH

CVSS:7.5(High)

An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causi...

CWE-9112022

CVE-2023-22394

HIGH

CVSS:7.5(High)

An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak lea...

CWE-9112023

CVE-2022-29581

HIGH

CVSS:7.8(High)

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; vers...

CWE-9112022

CVE-2024-46972

HIGH

CVSS:7.8(High)

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.

CWE-9112024

CVE-2021-47327

HIGH

CVSS:7.1(High)

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails arm_smmu_rpm_get() invokes pm_runtime_get_sync(), whic...

CWE-9112021