Plattform
linux
Komponente
openplc
Behoben in
3.0.1
CVE-2021-47770 describes a Remote Code Execution (RCE) vulnerability present in OpenPLC v3, specifically versions 3.0.0 through OpenPLC v3. This flaw allows authenticated attackers to inject malicious code through the hardware configuration interface, potentially granting them complete control over the PLC system. The vulnerability was published on January 21, 2026, and a fix is available in version 3.1.0.
Successful exploitation of CVE-2021-47770 allows an attacker with valid credentials to upload a custom hardware layer containing embedded reverse shell code. This code establishes a network connection to a specified IP address and port, effectively providing the attacker with a remote command execution shell on the PLC. The potential impact is severe, as an attacker could manipulate industrial processes, steal sensitive data, or disrupt operations. Given the nature of PLCs in critical infrastructure and industrial control systems, this vulnerability poses a significant risk of widespread operational disruption and potential safety hazards. The ability to remotely execute commands bypasses standard security controls, making it a particularly dangerous threat.
Exploitation context for CVE-2021-47770 is currently limited, but the potential for severe impact warrants immediate attention. Public proof-of-concept (POC) code may emerge, increasing the risk of exploitation. The vulnerability's impact on industrial control systems makes it a potential target for state-sponsored actors or financially motivated cybercriminals. The vulnerability was published on 2026-01-21.
Organizations utilizing OpenPLC v3 (3.0.0–OpenPLC v3) in industrial control systems, particularly those with remote access capabilities or shared network environments, are at significant risk. This includes manufacturing plants, energy facilities, and any other critical infrastructure relying on PLCs for automation and control.
• linux / server:
journalctl -u openplc | grep -i "hardware configuration"• linux / server:
ps aux | grep -i "reverse shell"• linux / server:
lsof -i :<suspicious_port>disclosure
Exploit-Status
EPSS
0.28% (52% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2021-47770 is to upgrade OpenPLC to version 3.1.0 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing stricter access controls to the hardware configuration interface, limiting access to only authorized personnel. Network segmentation can also help to isolate the PLC from other systems, limiting the potential blast radius of a successful attack. Monitor network traffic for unusual connections originating from the PLC, particularly connections to external IP addresses and ports. Review and audit existing hardware configurations for any signs of tampering.
Actualice OpenPLC a la versión 3.1.0 o posterior para mitigar la vulnerabilidad de ejecución remota de código. La actualización corrige la forma en que se procesan las configuraciones de hardware, evitando la inyección de código malicioso. Consulte la documentación oficial de OpenPLC para obtener instrucciones detalladas sobre cómo actualizar el software.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2021-47770 is a Remote Code Execution vulnerability in OpenPLC v3 (3.0.0–OpenPLC v3) allowing authenticated attackers to inject malicious code and gain remote control.
You are affected if you are using OpenPLC versions 3.0.0 through OpenPLC v3 and have not upgraded to version 3.1.0 or later.
Upgrade OpenPLC to version 3.1.0 or later. Implement stricter access controls and network segmentation as interim measures.
While active exploitation is not currently confirmed, the potential for severe impact warrants immediate mitigation.
Refer to the official OpenPLC security advisories on their website or relevant security mailing lists.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.