Exele OPC Products and Hardening DCOM Changes (KB5004442)

Exele OPC Products and Hardening DCOM Changes (KB5004442)

Due to a vulnerability detailed in CVE-2021-26414, Microsoft released a security update in June 2021 which will change the level of DCOM security required between OPC Classic clients and remote OPC servers. Once implemented, this change will cause connection failures between many OPC clients and remote OPC servers including Exele OPC client products TopView OPC/SCADA, TopView OPC A&E, and OPCcalc.

Which OPC clients will not be affected by this change?

The following OPC Classic clients/servers are not affected by this change:

  • OPC clients and servers on the same machine
  • OPC clients that implement Packet Integrity authentication level
  • Remote OPC clients and servers that use an OPC tunneller if the tunneller makes local OPC connections on both machines

How are Exele OPC client products affected by this change?

Our current release of OPC client products (as of December 2021) do not implement the required client security level “Packet Integrity”. We have created a patch to address this issue.

Patching will be available for customers with an active Software Support Agreement. To obtain the patch users can send an email to support@exele.com requesting the “Exele DCOM security 2021 patch”. Please include your current product license file.

The patch can be applied to the following Exele OPC products:

  • TopView OPC/SCADA and OPC A&E version 6.25.3 and later
  • OPCcalc versions 4.5 and 4.6

Earlier versions or TopView and OPCcalc will need to be upgraded to a version that supports the patch.

Read the full details of this change and impact on Exele OPC products