Security Updates Released
16.12.2021
A severe Zero-day security issue, Log4Shell (CVE-2021-44228), was discovered on December 10 in the Java logging library, log4j v2.x. Our team has identified the issue and the effect on Java products.
We quickly resolved the issue and released new product versions on December 13 and 14, 2021. However, after that, security experts found a second vulnerability involving Apache Log4j (CVE-2021-45046). Although this is not as severe as the original vulnerability, we made new releases that resolved this issue, providing enhanced security for our customers.
New security updates are available for the following products:
- Prosys OPC UA Monitor
- Prosys OPC UA Modbus Server
- Prosys OPC UA Historian
- Prosys OPC UA Simulation Server
Prosys OPC UA Browser 4.1.0 release previously already contained the required fix.
To learn more about the security vulnerability in Java based OPC UA applications, check our Blog Post.
Please contact Prosys OPC Sales for more information.
About Prosys OPC Ltd
Prosys OPC is a leading provider of professional OPC software and services with over 20 years of experience in the field. OPC and OPC UA (Unified Architecture) are communications standards used especially by industrial and high-tech companies.
Newest blog posts
Update to importing Information Models, December 2021
Updates to the blog post on importing Information Models from NodeSet files
OPC UA Manufacturing Gateway Demo
OPC UA Manufacturing Gateway features OPC UA PubSub UDP and MQTT as well as OPC UA Process Automation Device Information Model (PA-DIM)
Log4Shell Attack Exploit
Security vulnerability in Java based OPC UA applications. (UPDATED 20.12.2021)
