An attacker builds a malicious OPC UA Serveror installs an unauthorized instance of a genuine OPC UA Serverin a system. The rouge Servermay attempt to masquerade as a legitimate UA Serveror it may simply appear as a new Serverin the system.

The OPC Clientmay disclose necessary information.

A rogue Serverimpacts all of the security objectives except Integrity andNon-Repudiation.

See 5.1.10for the reconciliation of this threat.