Critical RCE vulnerability found in OpenPLC
2024-9-27 01:49:13 Author: securityaffairs.com(查看原文) 阅读量:13 收藏

Critical RCE vulnerability found in OpenPLC

Pierluigi Paganini September 26, 2024

Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution.

Cisco’s Talos threat intelligence unit has disclosed details of five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller.

These vulnerabilities can be exploited to trigger a denial-of-service (DoS) condition or execute remote code. OpenPLC is an open-source programmable logic controller (PLC) designed to offer a low-cost solution for industrial automation. It is widely used for automating machines and processes in industries like manufacturing, energy, and utilities.

The most severe issue is a stack-based buffer overflow vulnerability, tracked as CVE-2024-34026 (CVSS score 9.0), that resides in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88.

An attacker could trigger the vulnerability to achieve remote code execution.

“A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.” reads the advisory.

The vulnerability was discovered by Jared Rittle of Cisco Talos that reported the issue to the maintainers of the project on June 10, 2024. The issue was addressed on September 18, 2024.

The remaining DoS flaws discovered by Talos are tracked as CVE-2024-36980, CVE-2024-36981CVE-2024-39589, and CVE-2024-39590

An attacker can exploit these high-severity vulnerabilities by sending specially crafted EtherNet/IP requests.

Users are recommended to update OpenPLC to the latest version that addresses the above vulnerabilities.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, RCE)




文章来源: https://securityaffairs.com/168953/ics-scada/openplc-critical-flaw.html
如有侵权请联系:admin#unsafe.sh