CVE-2025-54811

Name of the Vulnerable Software and Affected Versions OpenPLC V3 (affected versions not specified)

Description A flaw exists in the enipThread function of OpenPLC V3 due to a missing return value. This can cause a crash when the server loop completes, resulting in an illegal ud2 instruction. An attacker can trigger this remotely without authentication by repeatedly starting the server or by causing the server to exit unexpectedly. Successful exploitation leads to a Denial of Service (DoS), halting the PLC runtime and any associated automation or control logic.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.