« All news

Pwn2Own 2023 Security Updates Released - ZDI-CAN-20503 Vulnerability


Our products have been selected as targets at the Pwn2Own Miami 2023 contest. One minor exploit was discovered in our products. Organisers later disclosed the exploit’s details to us so we could fix the issue.

Main reason of the successful attack was a vulneraibility in the Prosys OPC UA SDK for Java. The issue has now been fixed and a version 4.10.4 of the SDK has been released.

Additionally, we have released security updates for the following products:

To learn more about the security vulnerability in Java-based OPC UA applications, check our Blog Post.

Please contact Prosys OPC Sales for more information.

About Prosys OPC Ltd

Prosys OPC is a leading provider of professional OPC software and services with over 20 years of experience in the field. OPC and OPC UA (Unified Architecture) are communications standards used especially by industrial and high-tech companies.

Read more about us »

Newest blog posts

How to Succeed in the Production Analytics Project

Industry 4.0 analytics projects are going to be Significantly rising business in the next couple of years. Read how to bypass the most common cavepits and delivery projects succesfully.

OPC UA Pwn2Own 2023 Resource Exhaustion Exploit

Security vulnerability in the Prosys OPC UA SDK for Java.

Why is EDGE an Important Part of Industry 4.0 Factory?

Nowadays, the EDGE offers a wider functionality than just of an aggregating OPC UA server. In reality, it is the main part of an Industry 4.0 factory.

View all blog posts »