Wiz
Vulnerability DatabaseCVE-2022-29863

CVE-2022-29863
C# vulnerability analysis and mitigation

Overview

OPC UA .NET Standard Stack 1.04.368 allows remote attackers to cause a crash via a crafted message that triggers excessive memory allocation. The vulnerability was disclosed on June 16, 2022, and is tracked as CVE-2022-29863. This vulnerability affects the OPC Foundation's UA .NET Standard Stack versions up to (excluding) 1.4.368.58 (NVD, CVE).

Technical details

The vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling). It has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, and a CVSS v2.0 base score of 5.0 (MEDIUM) with the vector string (AV:N/AC:L/Au:N/C:N/I:N/A:P) (NVD).

Impact

When exploited, this vulnerability can cause the application to crash through excessive memory allocation, potentially leading to a denial of service condition. The impact is primarily on the availability of the system, with no direct effect on confidentiality or integrity (NVD).

Mitigation and workarounds

Users should upgrade to OPC UA .NET Standard Stack version 1.4.368.58 or later to address this vulnerability. The OPC Foundation has released security patches and provided guidance in their security bulletin (OPC Security, OPC Bulletin).

Additional resources

SourceThis report was generated using AI

Related C# vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-64095CRITICAL9.8
  • C#C#
  • DNN.PLATFORM
NoYesOct 28, 2025
CVE-2025-64113CRITICAL9.3
  • C#C#
  • MediaBrowser.Server.Core
NoYesDec 09, 2025
CVE-2025-66631HIGH7.2
  • C#C#
  • Csla
NoYesDec 09, 2025
CVE-2025-66625MEDIUM4.9
  • C#C#
  • Umbraco.Cms
NoYesDec 09, 2025
CVE-2025-65955MEDIUM4.9
  • C#C#
  • Magick.NET-Q8-OpenMP-arm64
NoYesDec 02, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo