Platform
linux
Component
openplc
Fixed in
3.0.1
CVE-2021-47770 describes a Remote Code Execution (RCE) vulnerability present in OpenPLC v3, specifically versions 3.0.0 through OpenPLC v3. This flaw allows authenticated attackers to inject malicious code through the hardware configuration interface, potentially granting them complete control over the PLC system. The vulnerability was published on January 21, 2026, and a fix is available in version 3.1.0.
Successful exploitation of CVE-2021-47770 allows an attacker with valid credentials to upload a custom hardware layer containing embedded reverse shell code. This code establishes a network connection to a specified IP address and port, effectively providing the attacker with a remote command execution shell on the PLC. The potential impact is severe, as an attacker could manipulate industrial processes, steal sensitive data, or disrupt operations. Given the nature of PLCs in critical infrastructure and industrial control systems, this vulnerability poses a significant risk of widespread operational disruption and potential safety hazards. The ability to remotely execute commands bypasses standard security controls, making it a particularly dangerous threat.
Exploitation context for CVE-2021-47770 is currently limited, but the potential for severe impact warrants immediate attention. Public proof-of-concept (POC) code may emerge, increasing the risk of exploitation. The vulnerability's impact on industrial control systems makes it a potential target for state-sponsored actors or financially motivated cybercriminals. The vulnerability was published on 2026-01-21.
Exploit Status
EPSS
0.28% (52% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2021-47770 is to upgrade OpenPLC to version 3.1.0 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing stricter access controls to the hardware configuration interface, limiting access to only authorized personnel. Network segmentation can also help to isolate the PLC from other systems, limiting the potential blast radius of a successful attack. Monitor network traffic for unusual connections originating from the PLC, particularly connections to external IP addresses and ports. Review and audit existing hardware configurations for any signs of tampering.
Update OpenPLC to version 3.1.0 or later to mitigate the remote code execution vulnerability. The update corrects how hardware configurations are processed, preventing the injection of malicious code. Refer to the official OpenPLC documentation for detailed instructions on how to update the software.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2021-47770 is a Remote Code Execution vulnerability in OpenPLC v3 (3.0.0–OpenPLC v3) allowing authenticated attackers to inject malicious code and gain remote control.
You are affected if you are using OpenPLC versions 3.0.0 through OpenPLC v3 and have not upgraded to version 3.1.0 or later.
Upgrade OpenPLC to version 3.1.0 or later. Implement stricter access controls and network segmentation as interim measures.
While active exploitation is not currently confirmed, the potential for severe impact warrants immediate mitigation.
Refer to the official OpenPLC security advisories on their website or relevant security mailing lists.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.