Platform: linux
Component: gpl-odorizers-gpl750
Fixed in: 6.0.0, 20.0.0
CVE-2026-4436 describes a critical vulnerability in GPL Odorizers GPL750 (XL4) gas odorization systems. A low-privileged remote attacker can exploit this flaw to manipulate the amount of odorant injected into a gas line by sending crafted Modbus packets. This can result in either insufficient odorant detection, posing a safety hazard, or excessive odorant release, leading to environmental concerns. Versions 1.0.0 through v20.0 are affected, and a fix is available in version v20.0.
The impact of CVE-2026-4436 is severe due to the potential for gas leaks and explosions. By manipulating the odorant injection logic, an attacker could effectively mask a gas leak, preventing residents from detecting it through smell. This could lead to a dangerous buildup of gas, increasing the risk of ignition and subsequent explosion. The attack surface is the Modbus interface, which is commonly used for industrial control systems. Successful exploitation requires network access to the GPL750 (XL4) device, but does not require authentication. This makes it a particularly concerning vulnerability, as it could be exploited remotely without needing credentials.
CVE-2026-4436 was publicly disclosed on 2026-04-09. There is currently no known public proof-of-concept (POC) code available. The EPSS score is likely to be medium, given the potential for significant impact and the relatively straightforward attack vector (Modbus). The vulnerability has been added to the CISA KEV catalog, indicating a heightened level of concern. Active campaigns are not currently known, but the ease of exploitation warrants close monitoring.
Critical infrastructure operators, particularly those utilizing GPL Odorizers GPL750 (XL4) for natural gas odorization, are at significant risk. This includes gas distribution companies, pipeline operators, and industrial facilities that rely on natural gas. Legacy installations and systems with inadequate network segmentation are particularly vulnerable.
• linux / server:
journalctl -u gpl750 -f | grep -i modbus
• linux / server:
ps aux | grep -i modbus
• generic web: Use a network analyzer (e.g., Wireshark) to monitor Modbus traffic on the device's network interface for suspicious activity or unexpected register value changes.
EPSS: 0.06% (20th percentile)
The primary mitigation for CVE-2026-4436 is to upgrade the GPL Odorizers GPL750 (XL4) to version v20.0 or later, which contains the fix. If an immediate upgrade is not possible, consider segmenting the network to restrict access to the Modbus interface. Implement strict firewall rules to limit inbound connections to the device, allowing only authorized traffic. Monitoring Modbus traffic for unusual patterns or unexpected register value changes can also provide early detection of potential exploitation attempts. After upgrading, verify the fix by attempting to send a Modbus packet designed to manipulate the odorant injection register and confirming that the injection logic remains unaffected.
Update the firmware of the GPL750 (XL4) to version 6.0 or later to fix the vulnerability. The lack of authentication in critical functions allows register values to be manipulated, which can lead to incorrect odorant injection. For more information on updating, see the manufacturer's documentation.
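The Modbus monitoring recommended above can be done passively on captured traffic. The following is an added example, not code from the vendor or from this advisory: it parses Modbus/TCP frames and reports write requests that come from hosts outside an allowlist of authorized masters. It assumes the device speaks Modbus/TCP on port 502; the IP addresses, register numbers and sample frames are constructed.

```python
import struct

# Standard Modbus function codes that change coils or holding registers.
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
    0x16: "Mask Write Register", 0x17: "Read/Write Multiple Registers",
}

def parse_modbus_tcp(payload: bytes):
    """Parse one Modbus/TCP ADU (MBAP header + PDU); None if malformed."""
    if len(payload) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id must be 0; the length field counts unit id + PDU bytes.
    if proto != 0 or length < 2 or len(payload) < 6 + length:
        return None
    pdu = payload[7:6 + length]
    info = {"tid": tid, "unit": unit, "func": pdu[0], "addr": None, "count": None}
    if pdu[0] in (0x05, 0x06, 0x16) and len(pdu) >= 3:
        info["addr"], info["count"] = struct.unpack(">H", pdu[1:3])[0], 1
    elif pdu[0] in (0x0F, 0x10) and len(pdu) >= 5:
        info["addr"], info["count"] = struct.unpack(">HH", pdu[1:5])
    elif pdu[0] == 0x17 and len(pdu) >= 9:
        info["addr"], info["count"] = struct.unpack(">HH", pdu[5:9])
    return info

def find_unauthorized_writes(packets, allowed_masters, port=502):
    """Report write requests sent to the Modbus port by non-allowlisted hosts."""
    alerts = []
    for src, dst_port, payload in packets:
        if dst_port != port:
            continue
        adu = parse_modbus_tcp(payload)
        if adu and adu["func"] in WRITE_FUNCTIONS and src not in allowed_masters:
            alerts.append((src, WRITE_FUNCTIONS[adu["func"]], adu["addr"], adu["count"]))
    return alerts

# Constructed sample traffic (source IP, destination port, TCP payload); values are made up.
SAMPLE = [
    ("192.0.2.10", 502, bytes.fromhex("000100000006010300000002")),      # read, allowlisted
    ("192.0.2.10", 502, bytes.fromhex("00020000000601060010002a")),      # write, allowlisted
    ("198.51.100.7", 502, bytes.fromhex("00030000000601060010ffff")),    # write, unknown host
    ("198.51.100.7", 502, bytes.fromhex("000400000009011000200001020001")),  # multi-write
]

if __name__ == "__main__":
    for alert in find_unauthorized_writes(SAMPLE, {"192.0.2.10"}):
        print("ALERT", alert)
```

In production the packet tuples would come from a capture on a mirror port or tap in front of the device, and the allowlist would match the firewall rules that restrict access to the Modbus interface.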
CVE-2026-4436 is a high-severity vulnerability allowing remote attackers to manipulate odorant injection in GPL Odorizers GPL750 (XL4) via Modbus packets, potentially causing safety or environmental hazards.
Yes, if you are using GPL Odorizers GPL750 (XL4) versions 1.0.0 through v20.0, you are potentially affected by this vulnerability.
Upgrade to version v20.0 or later to resolve the vulnerability. Consider network segmentation and access controls as interim mitigations.
While no active exploitation has been confirmed, the vulnerability's nature and the widespread use of Modbus suggest a potential for exploitation.
Refer to the GPL Odorizers website or contact their support team for the official advisory regarding CVE-2026-4436.