CVE-2025-34226

HIGH

OpenPLC Runtime v3 - Persistent Denial of Service via Malformed Epoch Time in Program Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-34226. PoCs published by Eyodav.

AI-analyzed exploit summary The PoC demonstrates a persistent DoS vulnerability in OpenPLC Runtime V3 via the `/upload-program-action` endpoint by manipulating the `epoch_time` parameter, leading to database corruption and application failure.

Description

OpenPLC Runtime v3 contains an input validation flaw in the /upload-program-action endpoint: the epoch_time field supplied during program uploads is not validated and can be crafted to induce corruption of the programs database. After a successful malformed upload the runtime continues to operate until a restart; on restart the runtime can fail to start because of corrupted database entries, resulting in persistent denial of service requiring complete rebase of the product to recover. This vulnerability was remediated by commit 095ee09.

Exploits (1)

nomisec WORKING POC

by Eyodav · poc

https://github.com/Eyodav/CVE-2025-34226

View Code ZIP pw:eip

The PoC demonstrates a persistent DoS vulnerability in OpenPLC Runtime V3 via the `/upload-program-action` endpoint by manipulating the `epoch_time` parameter, leading to database corruption and application failure.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: OpenPLC Runtime V3

Auth required

Prerequisites: Authenticated session · Access to `/upload-program-action` endpoint

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources product

https://autonomylogic.com/

Various Sources issue-tracking

https://openplc.discussion.community/post/persistant-dos-affecting-openplc-runtime-13722844

Patch patch

https://github.com/thiagoralves/OpenPLC_v3/pull/297/commits/095ee09623dd229b64ad3a1db38a901a3772f6fc

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/openplc-runtime-v3-persistent-denial-of-service

Scores

CVSS v4 7.1

EPSS 0.0060

EPSS Percentile 44.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-20 CWE-664

Status published

Products (2)

Autonomy Logic/OpenPLC Runtime 3.0 - 095ee09623dd229b64ad3a1db38a901a3772f6fc

Autonomy Logic/OpenPLC Runtime 3.0 - commit 095ee09

Published Oct 03, 2025

Tracked Since Feb 18, 2026