Home

Description

EIPStackGroup OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser to continue reading fields even when request data is insufficient. This issue is remotely triggerable via network traffic and does not require authentication.

PUBLISHED Reserved 2026-06-08 | Published 2026-07-13 | Updated 2026-07-14 | Assigner mitre

References

github.com/EIPStackGroup/OpENer/issues/564 exploit

github.com/EIPStackGroup/OpENer/issues/564

gist.github.com/MrAlaskan/a5fb0fb7765c9df80d28220ed558f04e

cve.org (CVE-2026-51537)

nvd.nist.gov (CVE-2026-51537)

Download JSON