漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
OpenPLC_V3
Vulnerability Description
OpenPLC_V3 has a vulnerability in the enipThread function that occurs due to the lack of a return value. This leads to a crash when the server loop ends and execution hits an illegal ud2 instruction. This issue can be triggered remotely without authentication by starting the same server multiple times or if the server exits unexpectedly. The vulnerability allows an attacker to cause a Denial of Service (DoS) against the PLC runtime, stopping any PC started remotely without authentication. This results in the PLC process crashing and halting all automation or control logic managed by OpenPLC.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
依赖未定义、未指明或实现定义的行为
Vulnerability Title
OpenPLC 安全漏洞
Vulnerability Description
OpenPLC是Thiago Alves个人开发者的一种开源的可编程逻辑控制器。可为自动化和研究提供低成本的工业解决方案。 OpenPLC存在安全漏洞,该漏洞源于enipThread函数缺少返回值,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A