ICS OpenPLC Runtime edit-user Authenticated Arbitrary File Upload Vulnerability (CVE-2025-54962)

Rule ID

1237532

Severity

Medium

Description

edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.

Impact

Remote code execution

Recommendation

Apply the vendor's patch.

IPS Category

ICS threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Allow

References

CVE-2025-54962

T1059

Keywords

N/A

Date Created

2025/10/29

Last Updated

2025/11/04
