CVE-2021-40142 in Local Discovery Serverinfo

Summary

by MITRE • 08/27/2021

In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 09/01/2021

The vulnerability identified as CVE-2021-40142 affects the OPC Foundation Local Discovery Server (LDS) version 1.04.402.463 and earlier, representing a critical security flaw that enables remote attackers to execute denial of service attacks. This issue stems from improper memory management within the LDS implementation, specifically manifesting as an access to memory location beyond buffer boundaries. The OPC Foundation LDS serves as a crucial component in industrial automation environments, facilitating discovery and communication between OPC UA clients and servers within local networks. The vulnerability occurs when the server processes specially crafted messages that trigger buffer overflow conditions, allowing attackers to manipulate memory access patterns and potentially disrupt the normal operation of the discovery service.

This memory corruption vulnerability directly maps to CWE-125, which describes an out-of-bounds read condition where a program accesses memory beyond the boundaries of a buffer. The flaw exists in the LDS message parsing logic where input validation is insufficient to handle malformed data structures. When remote attackers send carefully constructed messages containing oversized or malformed data fields, the LDS process fails to properly validate buffer limits before accessing memory locations. The consequence of this improper memory handling creates a predictable pattern of memory corruption that can lead to application crashes, process termination, and complete service unavailability. The vulnerability is particularly concerning in industrial control systems where continuous availability of discovery services is critical for operational integrity.

The operational impact of CVE-2021-40142 extends beyond simple service disruption, potentially compromising industrial automation workflows that depend on OPC UA discovery mechanisms. In manufacturing environments, the LDS facilitates communication between various industrial devices, sensors, and control systems, making it a prime target for attackers seeking to disrupt production processes. The DoS condition can result in cascading failures throughout the industrial network as downstream systems lose the ability to discover and communicate with required services. Network monitoring systems may detect unusual traffic patterns or service outages, but the attack itself remains relatively stealthy as it does not involve data exfiltration or system compromise. The vulnerability affects systems that rely on OPC UA for industrial communication protocols, which are prevalent in critical infrastructure sectors including energy, manufacturing, and process control industries.

Organizations should implement immediate mitigations including updating to OPC Foundation LDS version 1.04.402.463 or later, which contains the necessary patches to address the buffer overflow condition. Network segmentation and access control measures should be enforced to limit exposure of the LDS service to untrusted networks, as recommended in the MITRE ATT&CK framework for industrial control systems. The vulnerability demonstrates the importance of input validation and proper memory management in industrial communication protocols, aligning with security best practices outlined in NIST SP 800-82 for industrial control systems. System administrators should also implement continuous monitoring for unusual service behavior and establish incident response procedures specifically addressing OPC UA service disruptions. Additional defensive measures include deploying network intrusion detection systems that can identify malformed OPC UA messages and implementing rate limiting to prevent abuse of the discovery service. The vulnerability highlights the need for robust software security practices in industrial environments where traditional cybersecurity controls may not adequately address protocol-specific weaknesses.

Responsible

MITRE

Reservation

08/25/2021

Disclosure

08/27/2021

Moderation

accepted

CPE

ready

EPSS

0.02563

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!