We use cookies to provide you with a better experience. By continuing to browse the site you are agreeing to our use of cookies in accordance with our Privacy Policy.
  • TOPICS
    • Design
    • Manufacturing
    • Applications
    • Components
    • Industry
    • MRO
  • MAGAZINE
    • Current Issue
    • Departments
    • Archives
    • Subscribe
    • Advertise
  • NEWSLETTER
  • VIDEO
    • Power Transmission Engineering TV
  • BLOGS
    • Revolutions
    • Editors Choice
    • Motor Matters with George Holling
    • Bearings with Norm
  • BUYER'S GUIDE
  • NEWS and EVENTS
    • Product News
    • Industry News
    • Events
  • Advertising
    • Brand Awareness
      • Print: Display Advertising
      • Print: Engineering Showcase
      • Online: Web Banners & Keyword Banners
      • Online: Sponsored Content (Native Advertising)
      • E-mail: Custom, White Papers & Webinars
      • Email: Sponsored Content (Native Advertising)
    • Response & Lead Generation
      • E-Mail: Sponsored Content (Native Advertising)
      • E-mail: Newsletters
      • E-mail: Custom, White Papers & Webinars
      • Online: Buyers Guide
      • Online: Sponsored Content (Native Advertising)
    • Print
      • Print: Display Advertising
      • Print: Engineering Showcase
      • Print: IMTS/Hannover Messe USA Showstoppers (September 2022)
      • Print: Buyers Guide
      • Print: Engineering sMart
      • Print: Specifications
    • Online
      • Online: Web Banners and Keyword Banners
      • Online: Buyers Guide
      • Online: Sponsored Content (Native Advertising)
      • Online: Specifications
    • E-Mail
      • E-mail: Newsletters
      • E-mail: Custom, White Papers & Webinars
      • E-mail: Sponsored Content (Native Advertising)
      • E-mail: Specifications
    • Special Promotions
      • Print: Engineering Showcase
      • Print: Showstoppers(IMTS/Hannover Messe USA)
      • Print: Buyers Guide
      • Print: Engineering sMart
  • Contact Us
  • AGMA
    • Membership
    • Events
    • Education
    • Emerging Technology
    • AGMA Media
      • Gear Technology
      • Gear Technology India
    • Standards
Subscribe
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Home » Opto 22 Responds to URGENT/11 Inquiries

Opto 22 Responds to URGENT/11 Inquiries

August 15, 2019
The recent announcement of security vulnerabilities discovered in the Wind River VxWorks IPnet TCP/IP stack has prompted questions from Opto 22 customers about what impact this discovery may have on TCP/IP-based products developed and manufactured by Opto 22.

Opto 22 would like to reassure customers that, after careful and thorough review, they can state that none of their hardware or software products contain the VxWorks IPnet TCP/IP stack or variants of that software and are, therefore, not directly exposed to any attacks that might target these vulnerabilities. This statement applies to the recent Opto 22 product family groov EPIC (edge programmable industrial controller), the groov Edge Appliance (groov Box), the SNAP PAC System, and SNAP Ethernet I/O products.

These security vulnerabilities, dubbed URGENT/11 by Armis, an enterprise IoT security firm that made the discoveries, have far-reaching implications and affect an extremely large array of industrial, medical, and enterprise environments. These include mission-critical systems such as SCADA, industrial controllers, PLCs, PACs, and more. Other systems outside traditional industrial devices like patient monitors and MRI machines, as well as firewalls, routers, modems, VOIP phones, and printers are also affected.
 
For specific information about the eleven CVEs (Common Vulnerabilities and Exposures) related to the URGENT/11 discovery, please visit Wind River’s webpage: https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

Due to the fundamental design of industrial controllers and how they connect to a wide range of devices, some may confuse firmware vulnerabilities such as URGENT/11 with better known viruses and malicious software we frequently hear about. It is important to understand that only the devices that have embedded the affected IPnet TCP/IP stack are subject to attacks that target this vulnerability.

Opto 22 cannot respond to or address the possible risks or exposures created by hardware and software products manufactured by other companies. It’s important to carefully review the information provided by manufacturers of the hardware and software that run your applications and networks, making sure that they clearly indicate the specific model numbers or product names affected by this vulnerability.

Customers should be aware that some companies might use Opto 22 language or terms (for example, “EPIC controller”) to describe their products. These are general descriptions and have absolutely no connection to the Opto 22 groov EPIC controller, a product name that is a registered trademark owned by Opto 22 and protected under the USPTO trademark laws of the United States. Be sure to check specific model numbers and product names, not just general descriptions, in order to minimize confusion.

For a list of affected companies and links to published advisories and their products, we suggest visiting the URGENT/11 webpage on the Armis website for more information: https://armis.com/urgent11/.
 
Industry News
  • Related Articles

    Velo3D Puts Manufacturing Capabilities to Work for Lockheed Martin

    Velo3D Adds Pawlikowski to Board of Directors

    AD Spotlights Independent Distributors at North American Meeting

Free Power Transmission Engineering Subscriptions
Subscribe
Free Power Transmission Engineering Subscriptions
Subscribe
FEATURED VIDEO
  • Regal Rexnord Motor Minute: Why Do Direct Drive Motor Shafts Have a Flat Side?
March 21, 2022
RECOMMENDED
  • LogiMat 2022 Offers Motion Control and Robotic Technologies

    April 18, 2022
    Logi1.jpg
  • The Flexibility Factor

    April 12, 2022
    Huco2.jpg
  • Rapid Advancement at Automate 2022

    April 12, 2022
    Depositphotos_204041702_XL.jpg
  • Interoperability: What it is, and why it matters in the age of automation

    May 17, 2022
    Kollmorgen1.jpg
  • The Extreme Ends of Turbine Condition Monitoring

    May 6, 2022
    wind farm1.jpg
  • Interoperability: What it is, and why it matters in the age of automation

    May 17, 2022
    Kollmorgen1.jpg
  • The Extreme Ends of Turbine Condition Monitoring

    May 6, 2022
    wind farm1.jpg
  • LogiMat 2022 Offers Motion Control and Robotic Technologies

    April 18, 2022
    Logi1.jpg
  • Subscribe
  • Advertise
  • Contribute
  • Gear Technology
Powered byAGMA
Copyright © 2022 Power Transmission Engineering
  • Privacy Policy
  • Contact