CVE-2026-51537

CVE-2026-51537CVE-2026-51537

Description

EIPStackGroup OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser to continue reading fields even when request data is insufficient. This issue is remotely triggerable via network traffic and does not require authentication.

Scoring

Last modified2026-07-13
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.