How severe is CVE-2024-39589?

CVE-2024-39589 has a CVSS v3 score of 7.5 (HIGH).

CVE-2024-39589

Name: openplc_v3_firmware
Author: openplcproject

7.5HIGH

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/

게시됨: 9/18/2024업데이트됨: 11/4/2025

설명

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vulnerability occurs within the `Protected_Logical_Read_Reply` function

AI 분석AI 기반

영향받는 제품

openplcprojectopenplc_v3_firmware

2024-05-28

참조

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2016
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2016