CVE-2026-15690 in open62541info

Summary

by MITRE • 07/14/2026

A vulnerability was identified in open62541 up to 1.5.5. Affected by this issue is the function responseReadNamespacesArray of the file src/client/ua_client_connect.c of the component Shared Client Library. Such manipulation of the argument Server_NamespaceArray leads to null pointer dereference. The attack can be executed remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit is publicly available and might be used. The project closed the issue report, stating that this is not the official way to report a security vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 07/14/2026

The vulnerability in open62541 version 1.5.5 and earlier represents a critical null pointer dereference flaw within the shared client library component. This issue manifests specifically in the responseReadNamespacesArray function located in src/client/ua_client_connect.c, where improper handling of the Server_NamespaceArray argument creates exploitable conditions that can lead to application crashes or system instability. The vulnerability operates at the intersection of software robustness and security implementation, demonstrating how seemingly routine data processing functions can become attack vectors when proper input validation and error handling mechanisms are absent.

The technical execution of this vulnerability involves manipulation of the Server_NamespaceArray parameter during client-server communication in OPC UA implementations. When the responseReadNamespacesArray function processes malformed or unexpected namespace array data, it fails to properly validate null pointers before dereferencing them, creating a condition where memory access violations occur. This type of flaw falls under CWE-476 which specifically addresses NULL Pointer Dereference vulnerabilities, representing a fundamental security weakness that can be leveraged by attackers to disrupt service availability or potentially execute arbitrary code depending on system configuration and memory layout.

The operational impact of this vulnerability extends beyond simple service disruption as it affects the core connectivity functionality of OPC UA clients within industrial control systems and IoT environments. Given that open62541 is widely used in industrial automation and manufacturing contexts, this vulnerability presents significant risk to operational technology infrastructure where reliability and continuous operation are paramount. The remote exploitation capability means that attackers can potentially compromise systems from external networks without requiring physical access, making it particularly dangerous for industrial environments where network segmentation may be insufficient or absent.

Security professionals should note that while the exploit complexity is rated as high, the public availability of working exploits increases the likelihood of successful attacks against unpatched systems. The vulnerability's classification under ATT&CK framework would likely map to T1210 - Exploitation of Remote Services and potentially T1499 - Endpoint Detection Evasion if attackers attempt to cover their tracks after initial compromise. Organizations using open62541 should prioritize immediate patching to version 1.6.0 or later where this vulnerability has been addressed through proper null pointer validation in the affected function. The project's response regarding reporting methods does not negate the severity of the issue, and security researchers should continue to follow established protocols for vulnerability disclosure while organizations maintain vigilance against publicly available exploit code targeting this specific flaw in industrial communication frameworks.

Responsible

VulDB

Disclosure

07/14/2026

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00000

KEV

no

Activities

low

Sources

Do you need the next level of professionalism?

Upgrade your account now!