<Security Notice>The vulnerability of DeviceXPlorer OPC Server |
Mar. 16, 2007
TAKEBISHI Corporation |
| SYMPTOM |
|
The vulnerabilitiy was pointed out regading DeviceXPlorer OPC Server. There are possibilities for a remote attacker to access aribitrary memory in the OPC Server via the OPCDA inteface, potentially leading to malicious code execution. (Currently the report of the affair has not yet come to us.)
|
| RESOLUTION |
|
We have might improved relevant software and have already released "DeviceXPlorer OPC Server V3.12 Build3." Upgrade to the latest version. If you could not replace relevant software by the latest version, even if you done, you should strictly configure the RPC settings. And, control the access permissions when OPC Server is connected from OPC Client applications through different network segment.
|
| AFFECTED PRODUCTS |
DeviceXPlorer MELSEC OPC Server
DeviceXPlorer SYSMAC OPC Server
DeviceXPlorer FA-M3 OPC Server
DeviceXPlorer TOYOPUC OPC Server
DeviceXPlorer HIDIC OPC Server
DeviceXPlorer MODBUS OPC Server
"V3.11 Build6 former" and "V3.12 Build1" and "V3.12 Build2" of the above products.
|
| SUPPORT |
TAKEBISHI Corporation
29 Mamedacho Nishikyogoku Ukyoku Kyoto 615-8501, JAPAN
TEL +81-75-325-2171 / FAX +81-75-325-2273
Acceptance time 9:00-12:00 / 13:00-17:00 (JP Local Time Zone)
Email fa-support@takebishi.co.jp
Contact Person : Ryuji Takeuchi / Masatoshi Ike
|
|
