Cisco Talos: OpenPLC_v3 EtherNet/IP Parser Stack-Based Buffer Overflow (CVE-2024-34026)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: TALOS-2024-2005 2. Vulnerability Description: OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability 3. Date: September 18, 2024 4. CVE ID: CVE-2024-34026 5. Vulnerability Type: Stack-based Buffer Overflow 6. Affected Version: OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88 7. Product URL: https://github.com/thiagoralves/OpenPLC_v3 8. CVSSv3 Score: 9.0 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 9. Details: - OpenPLC is an open-source Programmable Logic Controller (PLC) designed to provide low-cost automation solutions. - The EtherNet/IP protocol stack contains a buffer overflow vulnerability. - When requests sent to the OpenPLC EtherNet/IP server are processed, data is passed to further processing. - Unimplemented or invalid ENIP commands cause a stack overflow. - This vulnerability can be exploited by sending an ENIP request with an invalid command code, a valid encapsulation header, and at least 500 bytes of data. 10. Crash Information: - The vulnerability can be exploited by sending an ENIP request with an invalid command code, a valid encapsulation header, and at least 500 bytes of data. 11. Timeline: - 2024-06-10: Initial vendor contact - 2024-06-10: Vendor disclosure - 2024-09-17: Vendor patch release - 2024-09-18: Public disclosure 12. Discoverer: Jared Rittle of Cisco Talos This information provides a detailed overview of the vulnerability in the OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser, including its nature, affected versions, exploitation method, and timeline.

Goal Reached Thanks to every supporter — we hit 100%!

Cisco Talos: OpenPLC_v3 EtherNet/IP Parser Stack-Based Buffer Overflow (CVE-2024-34026)