CVE-2024-39589

Name of the Vulnerable Software and Affected Versions OpenPLC v3 (affected versions not specified)

Description Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities. This instance of the vulnerability occurs within the Protected Logical Read Reply function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.