PT-2025-20019 · Libplctag · Libplctag

Gabriele Quagliarella · Published 2025-05-07 · Updated 2025-05-07 · CVE-2025-1400

CVSS v3.1: 3.1 (Low)

Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

libplctag versions 2.0 through 2.6.3

Description

The issue is an out-of-bounds read in the unpack response function, located in conn.c, which allows a buffer over-read via the network. This can potentially be exploited to access sensitive information.

Recommendations

For libplctag versions 2.0 through 2.6.3, consider restricting network access to the unpack response function in conn.c until a patch is available. As a temporary workaround, limiting the use of the unpack response function can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2025-1400

Affected Products

Libplctag