
Analysis of Critical Vulnerabilities in the OPC UA Industrial Protocol by a Cybersecurity Expert
Tom Ford, a penetration tester and cybersecurity specialist at Bureau Veritas, presents an analysis of vulnerabilities in the OPC UA protocol, which is widely used in industrial automation. OPC UA is a standardized, open protocol that supports encryption and authentication, but it is often exposed on the Internet without a VPN. The protocol relies on two layers: the secure channel (encryption and device authentication via certificates) and the session layer (user authentication). Two major vulnerabilities are detailed: a reflection/relay attack that exploits the lack of contextual metadata in signatures, and a Bleichenbacher attack (first published in 1998) targeting the RSA PKCS#1 v1.5 padding scheme, which is still enabled by default in several implementations.
The reflection attack bypasses authentication by leveraging the OPC UA over HTTPS variant, where the client is not authenticated at the TLS layer. The Bleichenbacher attack, optimized through a timing side-channel (differences in processing time when the server handles between 10 and 100 encrypted blocks), bypassed authentication in 15 minutes against a C implementation, with times extending up to 2 hours in some cases. Out of seven tested implementations, five were vulnerable by default, including Siemens products (WinCC). Fixes consist of disabling the vulnerable modes or updating configurations. The disclosure was coordinated by the OPC Foundation, with CVEs assigned and CVSS scores varying by vendor.
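Since the fixes described above amount to turning off the vulnerable modes, a defender's first step is to inventory which security policies a server actually advertises, at both the secure-channel and the session (user token) layer. The following audit script is an added example, not code from the talk, from Bureau Veritas or from any vendor. It assumes endpoint descriptions have already been fetched and flattened into dicts whose keys mirror the OPC UA EndpointDescription fields (EndpointUrl, SecurityMode, SecurityPolicyUri, UserIdentityTokens); the sample endpoints are constructed. The mapping of the Basic128Rsa15 policy to RSA PKCS#1 v1.5 key transport, and the rule that an empty token SecurityPolicyUri inherits the channel policy, come from the OPC UA specification.

```python
"""Audit OPC UA endpoint descriptions for the weak settings discussed in the talk.

Added example (not part of the original presentation). Input records are plain dicts
mirroring EndpointDescription fields so the script runs offline without an OPC UA stack.
"""
from dataclasses import dataclass

POLICY_BASE = "http://opcfoundation.org/UA/SecurityPolicy#"

# Policies whose asymmetric encryption is RSA PKCS#1 v1.5, the padding scheme
# the Bleichenbacher attack targets.
PKCS1_V15_POLICIES = {POLICY_BASE + "Basic128Rsa15"}
# Policies deprecated by the OPC Foundation (SHA-1 signatures). Basic256 uses
# RSA-OAEP for key transport, so it is flagged as outdated rather than as PKCS#1 v1.5.
DEPRECATED_POLICIES = {POLICY_BASE + "Basic128Rsa15", POLICY_BASE + "Basic256"}


@dataclass
class Finding:
    endpoint_url: str
    severity: str  # "high", "medium" or "info"
    issue: str


def audit_endpoint(ep: dict) -> list:
    """Return findings for one endpoint description (dict mirroring EndpointDescription)."""
    findings = []
    url = ep["EndpointUrl"]
    mode = ep["SecurityMode"]          # "None", "Sign" or "SignAndEncrypt"
    policy = ep["SecurityPolicyUri"]

    # Secure channel layer: device authentication and encryption.
    if mode == "None" or policy == POLICY_BASE + "None":
        findings.append(Finding(url, "high", "secure channel has no signing or encryption"))
    elif policy in PKCS1_V15_POLICIES:
        findings.append(Finding(url, "high",
                                "secure channel key transport uses RSA PKCS#1 v1.5 (Basic128Rsa15)"))
    elif policy in DEPRECATED_POLICIES:
        findings.append(Finding(url, "medium", "secure channel uses a deprecated security policy"))

    # HTTPS transport: the reflection attack in the talk relied on the client not
    # being authenticated at the TLS layer, so note these endpoints for review.
    if url.startswith(("https://", "opc.https://")):
        findings.append(Finding(url, "info",
                                "HTTPS transport: client authenticated only by OPC UA signatures, not TLS"))

    # Session layer: user authentication. A UserName token is encrypted with the
    # token policy's algorithm; an empty SecurityPolicyUri means "same as the channel".
    for tok in ep.get("UserIdentityTokens", []):
        tok_policy = tok.get("SecurityPolicyUri") or policy
        if tok["TokenType"] == "Anonymous":
            findings.append(Finding(url, "medium", "anonymous user tokens accepted"))
        elif tok["TokenType"] == "UserName":
            if tok_policy in PKCS1_V15_POLICIES:
                findings.append(Finding(url, "high", "password token encrypted with RSA PKCS#1 v1.5"))
            elif tok_policy == POLICY_BASE + "None" and mode != "SignAndEncrypt":
                findings.append(Finding(url, "high", "password token would be sent in clear text"))
    return findings


def audit_server(endpoints: list) -> list:
    """Flat list of findings across every advertised endpoint."""
    return [f for ep in endpoints for f in audit_endpoint(ep)]


# Constructed sample: one vulnerable default, one hardened endpoint, one HTTPS endpoint
# with no channel security. Hostnames and ports are placeholders.
SAMPLE_ENDPOINTS = [
    {
        "EndpointUrl": "opc.tcp://plc.example.internal:4840",
        "SecurityMode": "SignAndEncrypt",
        "SecurityPolicyUri": POLICY_BASE + "Basic128Rsa15",
        "UserIdentityTokens": [
            {"TokenType": "Anonymous", "SecurityPolicyUri": ""},
            {"TokenType": "UserName", "SecurityPolicyUri": ""},   # inherits Basic128Rsa15
        ],
    },
    {
        "EndpointUrl": "opc.tcp://plc.example.internal:4840",
        "SecurityMode": "SignAndEncrypt",
        "SecurityPolicyUri": POLICY_BASE + "Aes256_Sha256_RsaPss",
        "UserIdentityTokens": [
            {"TokenType": "UserName", "SecurityPolicyUri": POLICY_BASE + "Aes256_Sha256_RsaPss"},
        ],
    },
    {
        "EndpointUrl": "https://plc.example.internal:443/",
        "SecurityMode": "None",
        "SecurityPolicyUri": POLICY_BASE + "None",
        "UserIdentityTokens": [
            {"TokenType": "UserName", "SecurityPolicyUri": ""},   # inherits None
        ],
    },
]

if __name__ == "__main__":
    for f in audit_server(SAMPLE_ENDPOINTS):
        print(f"[{f.severity:6}] {f.endpoint_url}: {f.issue}")
```

Run against a real server, the dicts would be populated from the GetEndpoints response; the hardened second endpoint produces no findings, while the first shows how a Basic128Rsa15 channel policy silently propagates to the password token when the token policy is left empty.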