CVE-2021-43083

Name of the Vulnerable Software and Affected Versions Apache PLC4X - PLC4C versions prior to 0.9.1

Description The issue is related to an unsigned integer underflow flaw inside the tcp transport. To exploit this, a user would have to actively connect to a malicious device that could send a response with invalid content. The probability of this being exploited is currently considered minimal, but this could change in the future, especially with industrial networks growing together.

Recommendations For versions prior to 0.9.1, update to version 0.9.1 to address the issue. As a temporary workaround, consider restricting connections to trusted devices to minimize the risk of exploitation.