← Back to home
ICSA-22-349-01  ·  Published 2023-01-03  ·  View on CISA ICS-CERT ↗

Prosys OPC UA Simulation Server (Update A)

CVSS 6.5 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to obtain credentials and gain access to system data.

CVEs (1)

Remediations

  • Simulation Server: Update to v5.4.0
  • Modbus Server: Update to 1.4.20
  • Restart the application after modifying user passwords.
  • For more information, users can refer to the Prosys OPC security blog.

Affected Vendors

Prosys OPC

Affected Products (2)

Prosys OPC · Prosys OPC UA Simulation Server < 5.3.0-64
Prosys OPC · Prosys OPC UA Modbus Server <= 1.4.18-5

Affected Sectors

Critical Manufacturing, Energy, Information Technology

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more