o6 Automation GmbH Open62541
Summary
A vulnerability (CVE-2026-1301) has been identified in o6 Automation GmbH Open62541 versions >=1.5-rc1 and <1.5-rc2. Successful exploitation could allow an attacker to cause a denial-of-service condition and memory corruption through an out-of-bounds write that occurs when crafted JSON messages are processed with PubSub and JSON enabled.
IFF Assessment
FOE
The vulnerability allows for denial-of-service and memory corruption, posing a risk to defenders.
Severity
5.7
Medium
Defender Context
Defenders need to patch affected Open62541 instances, particularly in critical manufacturing environments. Monitor network traffic closely and look for malformed JSON messages. Vulnerabilities in industrial control systems continue to be targeted.