Our products have been selected as targets at the Pwn2Own Miami 2023 contest. One minor exploit was discovered in our products. Organizers later disclosed the exploit’s details to us so we could fix the issue.

The main reason for the successful attack was a vulnerability in the Prosys OPC UA SDK for Java. The issue has now been fixed, and version 4.10.4 of the SDK has been released.

Additionally, we have released security updates for the following products:

To learn more about the security vulnerability in Java-based OPC UA applications, check our Blog Post.

Please contact Prosys OPC Sales for more information.