CVE-2022-2967 Information

Description

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials which could allow an attacker to obtain user credentials and gain access to system data.

Reference

https://www.prosysopc.com/blog/#Security https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01