Introduction
Description
June 28, 2011 - Version 1.0
A vulnerability has been discovered in the RsiOPCAuto.dll version 1.1.8.0 ActiveX component included with specific versions of RSLinx Classic that can allow for the execution or arbitrary code. This vulnerability affects the following:
- RSLinx Classic version 2.54 and earlier
Details of this vulnerability are as follows:
The vulnerability results from a boundary error in the RsiOPCAuto.OPCServer ActiveX control. When a specific parameter in this control receives an excessively long debug string, a buffer overflow condition can allow for the execution of arbitrary and potentially malicious code.
There are currently no known active exploits of this vulnerability.
To help reduce the likelihood of exploitation and associated security risk, Rockwell Automation recommends the following mitigation strategy:
| Affected Software | Upgrade or patch software | |
| RSLinx Classic version 2.54 and earlier that include any version of RsiOPCAuto.dll | Option 1 --> | Recommended: |
| Option 2 --> | If unable to upgrade to version 2.55: Apply software patch for RsiOPCAuto.dll to address this vulnerability in RSLinx Classic version 2.54 and all prior versions. The patch is available in the following technote: Answer ID 449288 NOTE: Rockwell Automation recommends all users applying this RSLinx Classic patch plan to upgrade to RSLinx Classic version 2.55 at first convenience given RSLinx Classic’s transition from RsiOPCAuto.dll to OpcDAauto.dll. |
Rockwell Automation remains committed to making additional security enhancements to our systems in the future.
For more information and for assistance with assessing the state of security of your existing controls system, including improving your system-level security when using Rockwell Automation and other vendor controls products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security.
