4.3.19 Security related attacks
4.3.19.1 Overview
OPC UA provides extensive security feature, but if one of the security features is compromise, additional attacks could be orchestrated. This section describes some of the possible attacks and what the preconditions would be necessary for these attacks. In general, the nature of these attacks is to elevate the level of access that might be available due to the compromised security feature.
4.3.19.2 Compromised Client certificate – user access elevation
If a client ApplicationInstanceCertificate is compromised (attacker has access to the private key) and it has not been detected as compromised, an attacker might try to obtain elevated access by obtaining user credentials.

4.3.19.3 Compromised Client certificate and compromised network infrastructure
If a client ApplicationInstanceCertificate is compromised (attacker has access to the private key) and it has not been detected as compromised and the network infrastructure is compromised, an attacker might
4.3.19.4 Compromised Client certificate – Secure channel takeover

4.3.19.5 Compromised Server certificate – User Identity stealing

4.3.19.6 Compromised Client certificate – Secure channel takeover