SECURITY NOTIFICATION - OPC Server for SCADA DNP3 - SN 2013-06-24-01

SECURITY NOTIFICATION SN 2013-06-24-01

SNs are Proprietary to MatrikonOPC and MatrikonOPC Customers.

SNs describe a security risk that is of an immediate nature relating to loss of availability, loss of integrity, control, or view, or loss of confidentiality related to the identified Matrikon product.

AFFECTED PRODUCT or SERVICE: OPC Server for DNP3

RELEASE/VERSION/REVISION: OPC Server for DNP3: v1.2.0 and above

DATE ANNOUNCED: June 24, 2013

AFFECTED CUSTOMERS: Customers running OPC Server for DNP3 v1.2.0 and above

VULNERABILITY OVERVIEW:

The MatrikonOPC product versions listed above contain a specific vulnerability that may cause the server to exit and cause communications to stop. This type of event is considered to have an extremely low probability of happening in the real world.

VULNERABILITY DETAILS:

EXPLOITABILITY

This vulnerability may interrupt communications because it may cause the OPC Server to fail.

EXISTENCE OF EXPLOIT

No known exploits specifically target this vulnerability.

DIFFICULTY

Attacking this vulnerability would require the OPC Server for DNP3 to connect to a computer or device on the network that could cause the OPC Server to fail. Doing so would require in-depth technical knowledge of the DNP3 protocol and of the specific vulnerability in the MatrikonOPC software.

CAUTION: Due to the wide variety of site-specific architectures & customization, it is the responsibility of each customer to assess the potential impact of this anomaly to their process & facilities.

ACTIONS/MITIGATIONS:

A new version of the OPC Server for DNP3 has been released to address this vulnerability.

  1.  OPC Server for DNP3 Fix:

To obtain and install the fix, please do the following:

  1. Visit www.opcsupport.com, click on the Product Advisory section, and read the posted Security Notice.
  2. Contact OPC Support to obtain the new version of the OPC Server for DNP3.
  3. Install the new version of the OPC Server for DNP3.

Note: Public disclosure of this vulnerability is pending via an ICS-CERT Advisory. Therefore, all impacted customers are strongly urged to download and apply the appropriate field fix to protect their systems from exploitation of this vulnerability.

Acknowledgement:

This vulnerability has been reported by Adam Crain of Automatak and independent researcher Chris Sistrunk via ICS-CERT. 

If you have any questions concerning this notice, please contact MatrikonOPC Customer Support.


MatrikonOPC

Topic Information
  • Topic #: 4164-2890
  • Date Created: 6/24/2013
  • Last Modified Since: 10/2/2014