Browse all 8 CVE security advisories affecting Unified Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Unified Automation develops industrial automation software focused on OPC UA server implementations for manufacturing and process control systems. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. Security researchers have identified multiple authentication bypass vulnerabilities and insecure object handling in their UA SDK. While no major public security incidents have been widely reported, the eight CVEs on record highlight persistent security concerns in their automation frameworks, particularly regarding secure coding practices and secure default configurations for industrial environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-41185 | Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability — UaGatewayCWE-190 | 7.5 | - | 2024-05-03 |
| CVE-2023-32174 | Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability — UaGatewayCWE-416 | 7.5 | - | 2024-05-03 |
| CVE-2023-32173 | Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability — UaGatewayCWE-91 | 6.5 | - | 2024-05-03 |
| CVE-2023-32171 | Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability — UaGatewayCWE-476 | 6.5 | - | 2024-05-03 |
| CVE-2023-32172 | Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability — UaGatewayCWE-416 | 6.5 | - | 2024-05-03 |
| CVE-2023-32170 | Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability — UaGatewayCWE-20 | 6.5 | - | 2024-05-03 |
This page lists every published CVE security advisory associated with Unified Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.