Authenticated File Write Vulnerability in OpenPLC Runtime by OpenPLC
CVE-2026-14480
8.7HIGH
What is CVE-2026-14480?
OpenPLC Runtime v3 has a vulnerability in its legacy web UI program-upload workflow, allowing authenticated users to write arbitrary files to any directory accessible by the webserver. The flaw occurs due to improper validation of the file path provided by the user, as it directly influences the storage location in the Programs.File database. Attackers can exploit this by uploading malicious files, such as a C++ source file, which can lead to arbitrary code execution during the compilation process when the program is executed. This vulnerability poses significant risks, as it can allow attackers to take complete control of the affected system.
Affected Version(s)
OpenPLC v3
OpenPLC v4
References
CVSS V4
Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Grady DeRosa reported this vulnerability to CISA.
