September 26, 2024 at 11:13AM
Cisco Talos disclosed critical and high-severity vulnerabilities in OpenPLC, an open source programmable logic controller designed for industrial automation and research. These can be exploited for DoS attacks and remote code execution using specially crafted EtherNet/IP requests. The vulnerabilities were patched on September 17, and users are advised to update OpenPLC.
Cisco Talos has disclosed details of recently patched vulnerabilities in OpenPLC that could be exploited for DoS attacks and remote code execution. The vulnerabilities, one critical and several high-severity flaws, were reported to the OpenPLC developers by Cisco Talos researchers and have been assigned CVE numbers for tracking.
The critical vulnerability, tracked as CVE-2024-34026, allows a remote attacker to execute arbitrary code on the targeted system using specially crafted EtherNet/IP requests. The high-severity flaws, also exploitable via specially crafted EtherNet/IP requests, lead to a DoS condition rather than arbitrary code execution.
DoS vulnerabilities matter in industrial control systems (ICS), where exploitation could disrupt sensitive processes. The DoS flaws are tracked as CVE-2024-36980, CVE-2024-36981, CVE-2024-39589, and CVE-2024-39590.
The vulnerabilities were patched on September 17, and users are advised to update OpenPLC. Talos has also shared information on how the DoS issues can be addressed in the source code.
Lastly, related articles cover other critical vulnerabilities in Automatic Tank Gauges and ICS vulnerabilities disclosed by Siemens, Schneider, ABB, and CISA, as well as unpatched vulnerabilities exposing Riello UPSs to hacking.