Platform: linux
Component: gpl-odorizers-gpl750
Fixed in: 6.0.0, 20.0.0
CVE-2026-4436 describes a critical vulnerability in GPL Odorizers GPL750 (XL4) gas odorization systems. A low-privileged remote attacker can exploit this flaw to manipulate the amount of odorant injected into a gas line by sending crafted Modbus packets. This can result in either insufficient odorant detection, posing a safety hazard, or excessive odorant release, leading to environmental concerns. Versions 1.0.0 through v20.0 are affected, and a fix is available in version v20.0.
The impact of CVE-2026-4436 is significant due to the potential for both safety and environmental consequences. Malicious actors could intentionally manipulate the odorant injection process to mask gas leaks, preventing timely detection and potentially leading to explosions or health hazards. Conversely, excessive odorant injection could create nuisance odors and negatively impact the environment. The Modbus protocol's widespread use in industrial control systems makes this vulnerability particularly concerning, as it could be exploited remotely without physical access to the device. This vulnerability shares similarities with other industrial control system (ICS) vulnerabilities where remote manipulation of critical processes can have severe repercussions.
CVE-2026-4436 was publicly disclosed on 2026-04-09. While no public proof-of-concept (PoC) code is currently available, the vulnerability's nature and the widespread use of Modbus in ICS environments suggest a potential for exploitation. The EPSS score is likely to be assessed as medium to high, reflecting the potential for significant impact. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.06% (20th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-4436 is to upgrade the GPL Odorizers GPL750 (XL4) to version v20.0 or later, which includes the necessary security patches. If an immediate upgrade is not feasible, consider implementing network segmentation to restrict access to the Modbus interface. Implement strict access controls and authentication mechanisms to limit who can send Modbus commands. Monitor Modbus traffic for anomalous patterns and unexpected register value changes. Consider deploying a WAF or proxy with Modbus protocol filtering capabilities to block malicious requests. After upgrading, verify the fix by attempting to send a Modbus packet designed to manipulate the odorant injection logic; the system should reject the request.
Update the GPL750 (XL4) firmware to version 6.0 or higher to mitigate the vulnerability. The lack of authentication in critical functions allows for the manipulation of register values, which can result in incorrect odorant injection. Refer to the manufacturer's documentation for update instructions.
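The monitoring mitigation above (watching Modbus traffic for unexpected register writes) can be sketched as follows. This is an added example, not vendor code: it parses Modbus/TCP request frames and reports state-changing function codes sent by hosts outside an allowlist. The allowlist, IP addresses, sample frames and register addresses are constructed and do not reflect the GPL750 register map.

```python
import struct

# Standard Modbus function codes that change device state.
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
    0x16: "Mask Write Register", 0x17: "Read/Write Multiple Registers",
}
# Assumption: the only host allowed to write to the odorizer (constructed).
ALLOWED_WRITERS = {"10.20.0.5"}

def parse_adu(frame: bytes):
    """Return (function_code, pdu_data) for a well-formed Modbus/TCP ADU, else None."""
    if len(frame) < 8:
        return None
    _tid, proto, length, _unit, func = struct.unpack(">HHHBB", frame[:8])
    if proto != 0 or length != len(frame) - 6:  # length = unit id + PDU
        return None
    return func, frame[8:]

def write_target(func: int, data: bytes):
    """Return (start_address, count) a write request touches, or None."""
    if func in (0x05, 0x06, 0x16) and len(data) >= 2:
        return struct.unpack(">H", data[:2])[0], 1
    if func in (0x0F, 0x10) and len(data) >= 4:
        return struct.unpack(">HH", data[:4])
    if func == 0x17 and len(data) >= 8:  # write fields follow the read fields
        return struct.unpack(">HH", data[4:8])
    return None

def alerts(captured):
    """List (source, function, target) for writes from non-allowlisted hosts."""
    found = []
    for src, frame in captured:
        parsed = parse_adu(frame)
        if parsed is None or src in ALLOWED_WRITERS:
            continue
        func, data = parsed
        if func in WRITE_FUNCTIONS:
            found.append((src, WRITE_FUNCTIONS[func], write_target(func, data)))
    return found

# Constructed capture of requests to TCP/502; register addresses are made up.
SAMPLE = [
    ("10.20.0.5", bytes.fromhex("000100000006010300000002")),   # read
    ("10.20.0.5", bytes.fromhex("000200000006010600100064")),   # allowed write
    ("192.0.2.77", bytes.fromhex("0003000000060106001003e8")),  # flagged
    ("192.0.2.77", bytes.fromhex("00040000000b0110002000020400010002")),
]
```

Calling `alerts(SAMPLE)` reports only the two writes from the host that is not on the allowlist, with the register range each one touches.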
CVE-2026-4436 is a high-severity vulnerability allowing remote attackers to manipulate odorant injection in GPL Odorizers GPL750 (XL4) via Modbus packets, potentially causing safety or environmental hazards.
Yes, if you are using GPL Odorizers GPL750 (XL4) versions 1.0.0 through v20.0, you are potentially affected by this vulnerability.
Upgrade to version v20.0 or later to resolve the vulnerability. Consider network segmentation and access controls as interim mitigations.
While no active exploitation has been confirmed, the vulnerability's nature and the widespread use of Modbus suggest a potential for exploitation.
Refer to the GPL Odorizers website or contact their support team for the official advisory regarding CVE-2026-4436.