EIPStackGroup OpENer 2.3.0 (commit 76b95cf) has an out-of...
Critical severity
Unreviewed
Published
Jul 14, 2026
to the GitHub Advisory Database
•
Updated Jul 14, 2026
Description
Published by the National Vulnerability Database
Jul 13, 2026
Published to the GitHub Advisory Database
Jul 14, 2026
Last updated
Jul 14, 2026
EIPStackGroup OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser to continue reading fields even when request data is insufficient. This issue is remotely triggerable via network traffic and does not require authentication.
References