cvedb.io
CVE-2024-39589
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2024-09-18T15:15:15.333 · Last modified 2026-06-17T07:42:17.230

Summary

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vulnerability occurs within the `Protected_Logical_Read_Reply` function

Affected products

openplcproject — openplc_v3_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when openplcproject ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.