OpenPLC_V3

Plan PatchCVSS 7.1ICS-CERT ICSA-25-273-05Sep 30, 2025

Manufacturing

Attack path

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

OpenPLC_V3 contains a vulnerability that causes the PLC runtime process to crash, resulting in denial of service. The vulnerability is not remotely exploitable and requires local access to trigger.

What this means

What could happen

An attacker with local access to the PLC could crash the runtime process, stopping all control logic execution and halting plant operations until the system is manually restarted.

Who's at risk

Manufacturing facilities using OpenPLC_V3 as their programmable logic controller should prioritize this update. OpenPLC_V3 is often deployed in small to mid-size manufacturing operations, water systems, and facilities using open-source ICS alternatives.

How it could be exploited

An attacker must have local access to the device running OpenPLC_V3. They would execute a local action (exact trigger not specified in advisory) that causes the runtime process to crash, stopping the PLC from executing its control logic.

Prerequisites

Local access to the OpenPLC_V3 device
Ability to execute commands or actions on the local system

Affects core PLC runtimeLocal access required but likely available to maintenance staff or compromised by insider threatNo known public exploitation but vulnerability is documented

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

OpenPLC_V3: <pull_request_#292<pull request #292pull request #292+

Remediation & Mitigation

0/3

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate OpenPLC_V3 to pull request #292 or later from the main GitHub repository

Long-term hardening

0/2

HARDENINGRestrict physical and local access to OpenPLC_V3 devices to authorized personnel only

HARDENINGEnsure OpenPLC_V3 devices are not accessible from the internet or business network; isolate them behind a firewall on a dedicated control system network

CVEs (1)

CVE-2025-54811

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/7a8d1bc7-c860-47d7-8318-ce96706c7e2e

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.