Multiple flaws reported in OpenPLC, one critical RCE

Cisco’s Talos threat intelligence unit is reporting dfive vulnerabilities in OpenPLC, an open-source programmable logic controller (PLC) widely used for industrial automation across sectors like manufacturing, energy, and utilities.

The flaws could enable attackers to execute remote code or trigger denial-of-service (DoS) conditions.

• CVE-2024-34026 (CVSS score 9.8) - This critical vulnerability resides in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC version _v3 b4702061dc14d1024856f71b4543298d77007b88. If exploited, a specially crafted EtherNet/IP request can allow remote attackers to execute arbitrary code on the system.
• CVE-2024-36980 (CVSS score 7.5) - An out-of-bounds read vulnerability has been identified in the EtherNet/IP PCCC parser functionality of OpenPLC Runtime. This flaw can be exploited by sending specially crafted network requests, leading to a denial of service.
• CVE-2024-36981 (CVSS score 7.5) - An out-of-bounds read vulnerability has been identified in the EtherNet/IP PCCC parser functionality of OpenPLC Runtime. This flaw can be exploited by sending specially crafted network requests, leading to a denial of service.
• CVE-2024-39589 (CVSS score 7.5) - Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality. A specially crafted EtherNet/IP request can lead to denial of service.
• CVE-2024-39590 (CVSS score 7.5) - Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality. A specially crafted EtherNet/IP request can lead to denial of service.

Affected version is OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88.

The issue has been addressed in the latest version of OpenPLC, released on September 17-18, 2024. Users are advised to update to the latest version immediately.