Platform: linux
Component: openplc
Fixed in: 3.0.1
CVE-2021-47770 describes a Remote Code Execution (RCE) vulnerability present in OpenPLC v3, specifically versions 3.0.0 through OpenPLC v3. This flaw allows authenticated attackers to inject malicious code through the hardware configuration interface, potentially granting them complete control over the PLC system. The vulnerability was published on January 21, 2026, and a fix is available in version 3.1.0.
Successful exploitation of CVE-2021-47770 allows an attacker with valid credentials to upload a custom hardware layer containing embedded reverse shell code. This code establishes a network connection to a specified IP address and port, effectively providing the attacker with a remote command execution shell on the PLC. The potential impact is severe, as an attacker could manipulate industrial processes, steal sensitive data, or disrupt operations. Given the nature of PLCs in critical infrastructure and industrial control systems, this vulnerability poses a significant risk of widespread operational disruption and potential safety hazards. The ability to remotely execute commands bypasses standard security controls, making it a particularly dangerous threat.
Exploitation context for CVE-2021-47770 is currently limited, but the potential for severe impact warrants immediate attention. Public proof-of-concept (POC) code may emerge, increasing the risk of exploitation. The vulnerability's impact on industrial control systems makes it a potential target for state-sponsored actors or financially motivated cybercriminals. The vulnerability was published on 2026-01-21.
Organizations utilizing OpenPLC v3 (3.0.0–OpenPLC v3) in industrial control systems, particularly those with remote access capabilities or shared network environments, are at significant risk. This includes manufacturing plants, energy facilities, and any other critical infrastructure relying on PLCs for automation and control.
• linux / server:
journalctl -u openplc | grep -i "hardware configuration"
• linux / server:
ps aux | grep -i "reverse shell"
• linux / server:
lsof -i :<suspicious_port>
Exploit Status
EPSS
0.28% (percentile 52%)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2021-47770 is to upgrade OpenPLC to version 3.1.0 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing stricter access controls to the hardware configuration interface, limiting access to only authorized personnel. Network segmentation can also help to isolate the PLC from other systems, limiting the potential blast radius of a successful attack. Monitor network traffic for unusual connections originating from the PLC, particularly connections to external IP addresses and ports. Review and audit existing hardware configurations for any signs of tampering.
Upgrade OpenPLC to version 3.1.0 or later to mitigate the remote code execution vulnerability. The update corrects how hardware configurations are processed, preventing malicious code injection. See the official OpenPLC documentation for detailed upgrade instructions.
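One way to carry out the hardware-configuration audit recommended above, as an added example (not OpenPLC code and not part of the advisory): a static check that flags networking and process-execution calls in a custom hardware layer's source. It assumes the layer is C/C++ source text; the rule list, function names, and both sample layers are constructed for illustration.

```python
import re

# Call families plain I/O-mapping code rarely needs (this example's assumption; tune it).
RULES = {
    "network": r"\b(?:socket|connect|inet_addr|inet_pton|getaddrinfo|gethostbyname)\s*\(",
    "process": r"\b(?:system|popen|fork|execl[ep]?|execv[ep]?)\s*\(",
    "fd-redirect": r"\bdup[23]?\s*\(",
    "shell-path": r"/bin/(?:ba|da)?sh\b",
}
# Matches string/char literals (kept) and // or /* */ comments (blanked).
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'|//[^\n]*|/\*.*?\*/', re.S)

def strip_comments(src):
    """Blank out comments but keep newlines so line numbers stay valid."""
    blank = lambda m: re.sub(r"[^\n]", " ", m[0]) if m[0].startswith("/") else m[0]
    return _TOKEN.sub(blank, src)

def audit_layer(src):
    """Return (line_number, rule) findings, in line order, for one layer source."""
    findings = []
    for lineno, line in enumerate(strip_comments(src).splitlines(), 1):
        for rule, pattern in RULES.items():
            if re.search(pattern, line):
                findings.append((lineno, rule))
    return findings

def verdict(findings):
    """'block' when outbound networking is combined with process control."""
    rules = {rule for _, rule in findings}
    if "network" in rules and rules & {"process", "fd-redirect", "shell-path"}:
        return "block"
    return "review" if rules else "ok"

# Constructed samples: neither is real OpenPLC code; call arguments are elided.
BENIGN = '''// never call system() from a layer
void update_inputs() {
    /* connect(sensor) is done by the runtime */
    input_buf[0] = read_pin(4);
}
'''
SUSPECT = '''void update_outputs() {
    int s = socket(/* ... */);
    connect(s, /* ... */);
    dup2(s, 0);
    execl("/bin/sh", /* ... */);
}
'''

if __name__ == "__main__":
    print(verdict(audit_layer(BENIGN)), verdict(audit_layer(SUSPECT)))
```

A "review" result means a single rule family matched and a person should read the layer; the check is a triage aid and does not replace upgrading.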
CVE-2021-47770 is a Remote Code Execution vulnerability in OpenPLC v3 (3.0.0–OpenPLC v3) allowing authenticated attackers to inject malicious code and gain remote control.
You are affected if you are using OpenPLC versions 3.0.0 through OpenPLC v3 and have not upgraded to version 3.1.0 or later.
Upgrade OpenPLC to version 3.1.0 or later. Implement stricter access controls and network segmentation as interim measures.
While active exploitation is not currently confirmed, the potential for severe impact warrants immediate mitigation.
Refer to the official OpenPLC security advisories on their website or relevant security mailing lists.