cbcvebase.

Openplc V3 vulnerabilities

6 known vulnerabilities affecting openplc/openplc_v3.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-34026P2CRITICALCVSS 9.8vb4702061dc14d1024856f71b4543298d77007b882024-09-18
CVE-2024-34026 [CRITICAL] CWE-121 CVE-2024-34026: A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functio A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
nvd
CVE-2024-36981P3HIGHCVSS 7.5vb4702061dc14d1024856f71b4543298d77007b882024-09-18
CVE-2024-36981 [HIGH] CWE-125 CVE-2024-36981: An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functional An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the final instance of the incorrec
nvd
CVE-2024-36980P3HIGHCVSS 7.5vb4702061dc14d1024856f71b4543298d77007b882024-09-18
CVE-2024-36980 [HIGH] CWE-125 CVE-2024-36980: An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functional An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the first instance of the incorrec
nvd
CVE-2024-39589P3HIGHCVSS 7.5v16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a2024-09-18
CVE-2024-39589 [HIGH] CWE-704 CVE-2024-39589: Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vul
nvd
CVE-2024-39590P3HIGHCVSS 7.5v16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a2024-09-18
CVE-2024-39590 [HIGH] CWE-704 CVE-2024-39590: Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vul
nvd
CVE-2025-53476P4MEDIUMCVSS 5.3va931181e8b81e36fadf7b74d5cba99b73c3f6d582025-10-07
CVE-2025-53476 [MEDIUM] CWE-775 CVE-2025-53476: A denial of service vulnerability exists in the ModbusTCP server functionality of OpenPLC _v3 a93118 A denial of service vulnerability exists in the ModbusTCP server functionality of OpenPLC _v3 a931181e8b81e36fadf7b74d5cba99b73c3f6d58. A specially crafted series of network connections can lead to the server not processing subsequent Modbus requests. An attacker can open a series of TCP connections to trigger this vulnerability.
nvd
Openplc V3 vulnerabilities | cvebase