Critical Vulnerabilities Found in Third-Party OPC Protocol Implementations Used Throughout ICS

Summary

Claroty researchers discovered multiple critical vulnerabilities in Open Platform Communications (OPC) network protocol, an embedded protocol widely used throughout Industrial Control Systems (ICS). OPC is considered the communication hub of operational technology (OT) networks, ensuring the operability and management between ICS and proprietary devices that otherwise could not exchange information. These vulnerabilities are considered trivial to exploit and may result in denial-of-service (DOS) conditions, remote code execution, and information leaks of sensitive device data. Many of these vulnerable products are integrated into components offered by third-party vendors. Researchers believe these vulnerabilities may affect various products sold by vendors across all ICS markets. Three vendors—Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell—have provided fixes for their respective products.

Recommendations

The NJCCIC recommends users of affected products upgrade to the latest versions as they are made available and after appropriate testing. Technical details can be found in the Claroty blog post and additional reporting can be found in the Dark Reading article.