Professional OPC
Development Tools

logos

Online Forums

Technical support is provided through Support Forums below. Anybody can view them; you need to Register/Login to our site (see links in upper right corner) in order to Post questions. You do not have to be a licensed user of our product.

Please read Rules for forum posts before reporting your issue or asking a question. OPC Labs team is actively monitoring the forums, and replies as soon as possible. Various technical information can also be found in our Knowledge Base. For your convenience, we have also assembled a Frequently Asked Questions page.

Do not use the Contact page for technical issues.

IT Security: Vulnerability Reporting

More
09 Apr 2024 08:54 #12719 by support
Update:

We now have a new place for publishing security-related announcements: Security Bulletins in Knowledge Base .

Please Log in or Create an account to join the conversation.

More
10 Feb 2022 18:09 #10611 by support
Hello.

Haven't had to do this yet. A serious vulnerability would be posted here: www.opclabs.com/forum/product-related (RSS feed is possible), with whatever info necessary to deal with it.

The product combines our own code and some libraries - mainly, the OPC UA .NET stack from OPC Foundation. We generally update our product to the latest version of the UA stack (or other libraries), but there may be some lag. The version of the UA stack used within a particular QuickOPC version is listed in the QuickOPC documentation, and you can track the UA stack for any issues. If a really critical issue appears, we would react and take over the fixed stack ASAP.

Severe security vulnerabilities in other parts of the code are less likely (because the code does not make the direct communication), but of course still possible. If reported to us, we would deal with them in the same "industry standard way", that is, address them in reasonable time (which is usually several weeks), and then publish, together the with the mitigation/resolution.

Best regards

Please Log in or Create an account to join the conversation.

More
09 Feb 2022 22:11 #10603 by BurkhardSchaefer
How do you publish security vulnerabilities found in your products? Can you ensure to publish known vulnerabilities within a certain time?

Please Log in or Create an account to join the conversation.

Moderators: support
Time to create page: 0.049 seconds