CVE-2023-27321

HIGH

Opcfoundation Ua-.netstandard < 1.4.371.86 - Denial of Service

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-27321. PoCs published by JustKhal.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2023-27321, demonstrating an OPC UA authentication bypass via mismatched certificate SAN and session ApplicationUri. It includes a modular gateway setup, exploit scripts, and network isolation controls for a CDDC 2026 challenge.

Description

OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505.

Exploits (1)

nomisec WORKING POC

by JustKhal · poc

https://github.com/JustKhal/OPC-UA-Authentication-Challenge

View Code ZIP pw:eip

This repository contains a functional exploit PoC for CVE-2023-27321, demonstrating an OPC UA authentication bypass via mismatched certificate SAN and session ApplicationUri. It includes a modular gateway setup, exploit scripts, and network isolation controls for a CDDC 2026 challenge.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: OPC UA Server (CVE-2023-27321)

No auth needed

Prerequisites: Raspberry Pi with two network interfaces · OPC UA client with certificate configuration · Python 3.12+

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Apr 29, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_research-advisory

https://www.zerodayinitiative.com/advisories/ZDI-23-548/

Vendor Advisory vendor-advisory

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf

Scores

CVSS v3 7.5

EPSS 0.0105

EPSS Percentile 59.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (2)

nuget/OPCFoundation.NetStandard.Opc.Ua.Server 0 - 1.4.371.86NuGet

opcfoundation/ua-.netstandard < 1.4.371.86

Published May 07, 2024

Tracked Since Feb 18, 2026