An attacker builds a malicious OPC UA Server or installs an unauthorized instance of a genuine OPC UA Server in a system. The rogue Server may attempt to masquerade as a legitimate UA Server or it may simply appear as a new Server in the system.
The OPC Client may disclose confidential information.
A rogue Server impacts all of the security objectives except Integrity and Non-Repudiation.
See 5.1.10 for the reconciliation of this threat.