Open Automation Software OPC Systems.NET Denial-of-Service Vulnerability

October 12, 2011 (updated January 12, 2012)

Luigi Auriemma publicly reported a malformed-packet vulnerability in the handling of RPC packets by Open Automation Software's OPC Systems.NET application, potentially creating a denial-of-service situation. Proof-of-concept (PoC) exploit code accompanied this report.

The vulnerability is exploitable by sending a malformed .NET Remote Procedure Call (RPC) packet to port 58723/tcp, which causes a denial of service (DoS) for legitimate users.

ICS-CERT has coordinated this vulnerability with OAS, and an update is available that resolves it. Luigi Auriemma has tested the update and confirmed that it resolves the vulnerability.

All versions of OPC Systems.NET prior to 5.0 are affected.

ICS-CERT Advisories / Alerts

ICSA-12-012-01
ICS-ALERT-11-285-01

Vendor Website (includes Patches / Hotfixes)

Vendor Homepage
OPC Systems.NET Product Info (Download link available)
Updated Software (including Trial Downloads of Previous Versions)

Exploit Proof-of-Concept

Exploit-DB ID 17965
Security Focus (ID 50047)

Common Vulnerability & Exposure (CVE) References

CVE-2011-4871
NVD CVE-2011-4871

Additional Information

Disclosure (Luigi Auriemma)
Exploit-DB ID 17965
Open-Source Vulnerability Database #76404
Security Focus Vulnerability Info and Exploit Bugtraq ID 50047

More Holes Beset SCADA Firms (ISSSource)