This page lists publicly disclosed CVE vulnerabilities affecting opcfoundation local_discovery_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-44725 | OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user). | [email protected] | 7.8 | 0.05% | 2022-11-17 | 2025-04-29 |
| CVE-2017-17443 | OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configuration file is stored; however, if the configuration file is altered the LDS will be unavailable until it is repaired. | [email protected] | 6.5 | 0.35% | 2018-06-13 | 2024-11-21 |
| CVE-2017-11672 | The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges. | [email protected] | 7.8 | 0.04% | 2018-06-13 | 2024-11-21 |