CVE-2026-51541: n/a
OpENer 2.3.0 contains an out-of-bounds read vulnerability in its CIP message parsing component. This occurs when processing malformed explicit requests with a forged EPath size, causing the parser to read beyond the allocated stack buffer. The issue arises because the parser trusts an attacker-controlled path_size field that incorrectly claims more path words than are present. This can lead to memory safety violations during decoding of path segments.
AI Analysis
Technical Summary
CVE-2026-51541 describes an out-of-bounds read vulnerability in OpENer version 2.3.0 (commit 76b95cf). The vulnerability is triggered by sending a valid ENIP SendRRData frame with a CIP payload whose path_size field is forged to indicate more path words than actually exist. The CIP parser does not properly validate the path_size against the actual payload length, resulting in reads beyond the end of the stack receive buffer during path segment decoding. This memory safety flaw could potentially be exploited to cause application crashes or other unintended behavior.
Potential Impact
The vulnerability allows an attacker to cause out-of-bounds reads in the OpENer CIP message parser. This can lead to application instability or crashes. There is no information about code execution or data corruption impacts. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should consider restricting or validating ENIP SendRRData frames from untrusted sources to prevent malformed CIP payloads with forged path_size fields.
CVE-2026-51541: n/a
Description
OpENer 2.3.0 contains an out-of-bounds read vulnerability in its CIP message parsing component. This occurs when processing malformed explicit requests with a forged EPath size, causing the parser to read beyond the allocated stack buffer. The issue arises because the parser trusts an attacker-controlled path_size field that incorrectly claims more path words than are present. This can lead to memory safety violations during decoding of path segments.
Affected software
pkg:github/eipstackgroup/OpENerRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-51541 describes an out-of-bounds read vulnerability in OpENer version 2.3.0 (commit 76b95cf). The vulnerability is triggered by sending a valid ENIP SendRRData frame with a CIP payload whose path_size field is forged to indicate more path words than actually exist. The CIP parser does not properly validate the path_size against the actual payload length, resulting in reads beyond the end of the stack receive buffer during path segment decoding. This memory safety flaw could potentially be exploited to cause application crashes or other unintended behavior.
Potential Impact
The vulnerability allows an attacker to cause out-of-bounds reads in the OpENer CIP message parser. This can lead to application instability or crashes. There is no information about code execution or data corruption impacts. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users should consider restricting or validating ENIP SendRRData frames from untrusted sources to prevent malformed CIP payloads with forged path_size fields.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-06-08T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a555d1568715ace43ecaafc
Added to database: 07/13/2026, 21:48:05 UTC
Last enriched: 07/13/2026, 22:03:26 UTC
Last updated: 07/14/2026, 03:48:51 UTC
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.