Automated Solutions OPC Vulnerability

CVEs (1)

Remediations

• Users of the Automated Solutions Modbus/TCP Master OPC Server (stand-alone) are recommended to take the following mitigation steps: Upgrade to the latest version and install the latest patch. Automated Solutions has developed a patch for the OPC Server (Version 3.0.0)
• ICS-CERT has verified that the software update resolves the vulnerability identified by the researcher. The patch is available at (http://automatedsolutions.com/demos/demoform.asp?code=17).
• Minimize network exposure for all control system devices. Critical devices should not directly face the Internet. Control system networks and remote devices should be located behind firewalls, and be isolated from the business network. If remote access is required, secure methods such as virtual private networks (VPNs) should be utilized.
• Owners and operators should exercise caution and consult their control systems vendor prior to making any changes. Proper impact analysis and testing should always be conducted prior to making any changes to control systems.

Affected Vendors

Affected Products (1)