Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenPLC_V3
Vulnerability Description
OpenPLC_V3 has a vulnerability in the enipThread function that occurs due to the lack of a return value. This leads to a crash when the server loop ends and execution hits an illegal ud2 instruction. This issue can be triggered remotely without authentication by starting the same server multiple times or if the server exits unexpectedly. The vulnerability allows an attacker to cause a Denial of Service (DoS) against the PLC runtime, stopping any PC started remotely without authentication. This results in the PLC process crashing and halting all automation or control logic managed by OpenPLC.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
依赖未定义、未指明或实现定义的行为
Vulnerability Title
OpenPLC 安全漏洞
Vulnerability Description
OpenPLC是Thiago Alves个人开发者的一种开源的可编程逻辑控制器。可为自动化和研究提供低成本的工业解决方案。 OpenPLC存在安全漏洞,该漏洞源于enipThread函数缺少返回值,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A