Critical RCE vulnerability found in OpenPLC – Security Affairs

Summary: Cisco’s Talos unit has revealed five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller, which can lead to denial-of-service conditions or remote code execution. The most critical vulnerability, CVE-2024-34026, has a CVSS score of 9.0 and allows attackers to execute remote code through specially crafted EtherNet/IP requests.

Threat Actor: Unknown | unknown
Victim: OpenPLC | OpenPLC

Key Points:

  • Five vulnerabilities were disclosed, including a severe stack-based buffer overflow (CVE-2024-34026) allowing remote code execution.
  • Other vulnerabilities (CVE-2024-36980, CVE-2024-36981, CVE-2024-39589, CVE-2024-39590) can lead to denial-of-service conditions.
  • Users are advised to update to the latest version of OpenPLC to mitigate these vulnerabilities.

Cisco’s Talos threat intelligence unit has disclosed details of five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller.

These vulnerabilities can be exploited to trigger a denial-of-service (DoS) condition or execute remote code. OpenPLC is an open-source programmable logic controller (PLC) designed to offer a low-cost solution for industrial automation. It is widely used for automating machines and processes in industries like manufacturing, energy, and utilities.

The most severe issue is a stack-based buffer overflow vulnerability, tracked as CVE-2024-34026 (CVSS score 9.0), that resides in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 at commit b4702061dc14d1024856f71b4543298d77007b88.

An attacker could trigger the vulnerability to achieve remote code execution.

“A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.” reads the advisory.
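To show what the vulnerability class named above looks like from the defender's side, here is an added example (not OpenPLC's code, and not the actual vulnerable path, whose details the advisory does not give): a bounds-checked parser for the 24-byte EtherNet/IP encapsulation header. A stack-based overflow in such a parser arises when the attacker-controlled Length field is trusted while copying command data into a fixed buffer; the buffer capacity `ENIP_MAX_DATA` and the packets are assumptions constructed for the example.

```c
/* Added illustration (not OpenPLC's code): bounds-checked parsing of the 24-byte
 * EtherNet/IP encapsulation header (little-endian fields per the specification).
 * ENIP_MAX_DATA is an assumed buffer capacity; all packets are constructed. */
#include <stdint.h>
#include <string.h>
#define ENIP_HDR_LEN  24
#define ENIP_MAX_DATA 64    /* assumed capacity of the fixed command-data buffer */
enum enip_result { ENIP_OK = 0, ENIP_SHORT_HEADER, ENIP_TOO_LONG, ENIP_TRUNCATED };
struct enip_msg {
    uint16_t command, length;      /* Length = bytes of command data after the header */
    uint32_t session, status, options;
    uint8_t  sender_ctx[8];
    uint8_t  data[ENIP_MAX_DATA];  /* fixed buffer: the overflow target if Length is trusted */
};
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
/* Parse one received request. Copies are bounded by the destination size and by the
 * bytes actually received, never by the attacker-controlled Length field alone. */
enum enip_result enip_parse(const uint8_t *pkt, size_t received, struct enip_msg *out)
{
    if (received < ENIP_HDR_LEN) return ENIP_SHORT_HEADER;      /* header itself incomplete */
    out->command = le16(pkt);       out->length = le16(pkt + 2);
    out->session = le32(pkt + 4);   out->status = le32(pkt + 8);
    memcpy(out->sender_ctx, pkt + 12, 8);
    out->options = le32(pkt + 20);
    if (out->length > ENIP_MAX_DATA)           return ENIP_TOO_LONG;   /* would overflow data[] */
    if (out->length > received - ENIP_HDR_LEN) return ENIP_TRUNCATED;  /* would read past datagram */
    memcpy(out->data, pkt + ENIP_HDR_LEN, out->length);
    return ENIP_OK;
}
/* Build a constructed request: header with the given command and Length field, followed
 * by data_bytes zero bytes. Length and data_bytes may disagree on purpose for testing. */
size_t enip_build(uint8_t *buf, uint16_t command, uint16_t length_field, size_t data_bytes)
{
    memset(buf, 0, ENIP_HDR_LEN + data_bytes);
    buf[0] = (uint8_t)command;       buf[1] = (uint8_t)(command >> 8);
    buf[2] = (uint8_t)length_field;  buf[3] = (uint8_t)(length_field >> 8);
    return ENIP_HDR_LEN + data_bytes;
}
int main(void)
{
    uint8_t buf[512]; struct enip_msg m;
    size_t n = enip_build(buf, 0x0063, 200, 4);   /* Length claims 200 bytes; buffer holds 64 */
    return enip_parse(buf, n, &m) == ENIP_TOO_LONG ? 0 : 1;  /* exit 0 when the claim is rejected */
}
```

The same two checks apply to any length-prefixed field inside the command data (CPF items, for instance), where a parser that trusts the prefix is equally exposed.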

The vulnerability was discovered by Jared Rittle of Cisco Talos, who reported the issue to the maintainers of the project on June 10, 2024. The issue was addressed on September 18, 2024.

The remaining DoS flaws discovered by Talos are tracked as CVE-2024-36980, CVE-2024-36981, CVE-2024-39589, and CVE-2024-39590.

An attacker can exploit these high-severity vulnerabilities by sending specially crafted EtherNet/IP requests.

Users are recommended to update OpenPLC to the latest version that addresses the above vulnerabilities.


Pierluigi Paganini

(SecurityAffairs – hacking, RCE)



Source: https://securityaffairs.com/168953/ics-scada/openplc-critical-flaw.html