Software development and security solutions provider JFrog has disclosed the details of several vulnerabilities affecting the OPC UA protocol, including flaws exploited by its employees at a hacking competition earlier this year.
OPC UA (Open Platform Communications United Architecture) is a machine-to-machine communication protocol that is used by many industrial solutions providers to ensure interoperability between various types of industrial control systems (ICS).
JFrog’s researchers discovered several vulnerabilities in OPC UA and disclosed some of them at the Pwn2Own Miami 2022 competition in April, where participants earned a total of $400,000 for hacking ICS.
In the OPC UA server category at Pwn2Own, the maximum prize was $40,000, for bypassing a trusted application check, and participants could earn $20,000 for remote code execution flaws.
The JFrog researchers earned $5,000 for each of two denial-of-service (DoS) exploits targeting the OPC UA .NET Standard server, an open source server used by hundreds of other repositories on GitHub, and the Unified Automation OPC UA C++ demo server.
The two vulnerabilities presented at Pwn2Own can be used to crash the OPC UA server. DoS flaws can have a significant impact in the case of ICS as they can lead to the disruption of critical processes.
JFrog disclosed its findings in a blog post published last week.
In addition, JFrog researchers reported eight other vulnerabilities to Unified Automation. The issues were found in the Unified Automation C++-based OPC UA Server SDK and they were fixed with the release of version 1.7.7 of the SDK.
Learn More About Vulnerabilities in Industrial Products at
SecurityWeek’s ICS Cyber Security Conference
Two of these vulnerabilities can allow an attacker with elevated privileges to achieve remote code execution on the server. These security holes did not qualify for Pwn2Own due to time and stability constraints, but their details were disclosed last week in a separate blog post by JFrog.
The remote code execution exploits are not stable, but the researchers believe they can be improved.
The technical details disclosed by JFrog could be useful to other researchers who want to analyze the security of the OPC UA industrial stack.
Related: Industrial Firms Informed About Serious Vulnerabilities in Matrikon OPC Product
Related: Many Vulnerabilities Found in OPC UA Industrial Protocol
Related: ICS Vendors Assessing Impact of New OPC UA Vulnerabilities
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks
- 3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component
- OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023
- Google Links More iOS, Android Zero-Day Exploits to Spyware Vendors
- ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation
- Thousands Access Fake DDoS-for-Hire Websites Set Up by UK Police
Latest News
- Italy Temporarily Blocks ChatGPT Over Privacy Concerns
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Report: Chinese State-Sponsored Hacking Group Highly Active
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
