AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2021-45117: The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointe

mediumvulnerability

security

Source: NVD/CVE DatabaseMarch 21, 2022CVE-2021-45117

Summary

CVE-2021-45117 is a vulnerability in OPC (OLE for Process Control, a standard for industrial automation communication) autogenerated ANSI C code where error handling is incomplete, allowing a NULL pointer dereference (an error where code tries to access memory that doesn't exist). This bug affects software that uses OPC NodeSets (configuration files that define data structures).

Vulnerability Details

CVSS Score

6.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.5%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-476

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-45117

First tracked: February 15, 2026 at 08:36 PM

Classified by LLM (prompt v3) · confidence: 95%