CVE-2025-53476

Summary

A denial of service vulnerability exists in the ModbusTCP server functionality of OpenPLC _v3 a931181e8b81e36fadf7b74d5cba99b73c3f6d58. A specially crafted series of network connections can lead to the server not processing subsequent Modbus requests. An attacker can open a series of TCP connections to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
OpenPLCOpenPLC_v3a931181e8b81e36fadf7b74d5cba99b73c3f6d58affected

Weaknesses

  • CWE-775: CWE-775: Missing Release of File Descriptor or Handle after Effective Lifetime

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References