Description
An unauthenticated remote attacker can exhaust
server memory via the FindServers Discovery Service in open62541. The
serverUris field of FindServersRequest is not validated for length or array
size. An attacker can declare an arbitrarily large string (up to ~3.9 GB)
delivered across intermediate chunks without ever sending the final chunk. The
server buffers all chunks in RAM indefinitely until the SecureChannel times
out. The attack is pre-session and bypasses all encryption configuration. The issue affects open62541: from 1.4.0 through 1.4.16, from 1.5.0 through 1.5.4, master.
Published: 2026-07-02
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 06 Jul 2026 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Open62541 Project / O6 Automation Gmbh
Open62541 Project / O6 Automation Gmbh open62541
Vendors & Products Open62541 Project / O6 Automation Gmbh
Open62541 Project / O6 Automation Gmbh open62541

Thu, 02 Jul 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Jul 2026 07:30:00 +0000

Type Values Removed Values Added
Description An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service in open62541. The serverUris field of FindServersRequest is not validated for length or array size. An attacker can declare an arbitrarily large string (up to ~3.9 GB) delivered across intermediate chunks without ever sending the final chunk. The server buffers all chunks in RAM indefinitely until the SecureChannel times out. The attack is pre-session and bypasses all encryption configuration. The issue affects open62541: from 1.4.0 through 1.4.16, from 1.5.0 through 1.5.4, master.
Title FindServers Memory Exhaustion in open62541
Weaknesses CWE-770
CWE-789
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Subscriptions

Open62541 Project / O6 Automation Gmbh Open62541
cve-icon MITRE

Status: PUBLISHED

Assigner: ENISA

Published:

Updated: 2026-07-02T12:30:18.800Z

Reserved: 2026-03-23T12:53:47.475Z

Link: CVE-2026-33592

cve-icon Vulnrichment

Updated: 2026-07-02T12:29:42.817Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-08T12:45:03Z

Weaknesses