CVE-2024-34026

Critical · Public PoC

Published: 18 September 2024

Modified: 21 November 2024
KEV Added
Patch
CVSS Score v3.1: 9.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0870 (92.7th percentile)
Risk Priority: 23 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-34026 is a critical-severity stack-based buffer overflow (CWE-121) vulnerability in the openplcproject OpenPLC v3 firmware. Its CVSS base score is 9.0 (Critical).

Operationally, it ranks in the top 7.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

A stack-based buffer overflow vulnerability exists in the EtherNet/IP parser of the OpenPLC Runtime component within OpenPLC version 3 at commit b4702061dc14d1024856f71b4543298d77007b88. The flaw, tracked under CWE-121 and CWE-787, is triggered by a specially crafted EtherNet/IP request and carries a CVSS 3.1 score of 9.0 reflecting network attack vector, high complexity, no required privileges or user interaction, and changed scope with high impact on confidentiality, integrity, and availability.

An unauthenticated remote attacker can send a sequence of malicious EtherNet/IP requests to the affected parser and achieve remote code execution on the target system. The published EPSS score stands at 0.0870 with no material increase from an earlier lower value.

Detailed analysis and indicators are available in the Talos reports at the referenced URLs for TALOS-2024-2005.

EU & UK References

Vulnerability details

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

openplcproject
openplc v3 firmware
2024-04-04

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References