CVE-2021-43083

8.8 HIGH

📋 TL;DR

PLC4C, the C implementation of Apache PLC4X, contains an unsigned integer underflow in its TCP transport layer that is triggered by a specially crafted response from the device a PLC4C client connects to. An attacker who controls, impersonates or has compromised an industrial device can send that response; no credentials are needed, but the victim application must initiate the connection. Only applications built on PLC4C that connect to untrusted or compromised devices are affected.
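The underflow class described above, as an added illustration that is not PLC4C's code and does not reproduce the specific bug: a length-prefixed TCP frame layout constructed for this example, the naive unsigned length arithmetic that wraps when the device's declared length is smaller than the header, and a hardened receive routine that validates the declared length against the header size, the bytes actually received and the destination buffer before copying. The frame layout, function names, error codes and sample frames are all assumptions made for the example.

```c
/*
 * Illustrative example, not PLC4C code: how an unsigned length computation on an
 * attacker-controlled TCP response can underflow, and the checks that prevent it.
 * Frame layout (constructed for this example, not a real PLC protocol):
 *   bytes 0-1: magic 0x50 0x43 ("PC")
 *   bytes 2-3: total frame length, big-endian, INCLUDING this 4-byte header
 *   bytes 4.. : payload
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HEADER_LEN  4u
#define MAX_PAYLOAD 64u

enum { FRAME_OK = 0, FRAME_ERR_MAGIC = -1, FRAME_ERR_LENGTH = -2,
       FRAME_ERR_SHORT = -3, FRAME_ERR_TOOBIG = -4 };

static uint16_t read_be16(const uint8_t *p) {
    return (uint16_t)(((uint16_t)p[0] << 8) | p[1]);
}

/* The vulnerable pattern: trust the device's declared total length and subtract
 * the header size with unsigned arithmetic. If total < HEADER_LEN the result
 * wraps to a value near SIZE_MAX, and a following read or copy of "that many"
 * bytes runs far past any buffer. This function only returns the wrapped value
 * (it never copies) so the example can be run safely. */
size_t naive_payload_len(const uint8_t *hdr) {
    size_t total = read_be16(hdr + 2);
    return total - HEADER_LEN;            /* underflows when total < 4 */
}

/* Hardened receive: every length is checked against the header size, the bytes
 * actually on the wire and the capacity of the destination before any copy. */
int receive_frame(const uint8_t *wire, size_t wire_len,
                  uint8_t *out, size_t out_cap, size_t *out_len) {
    if (wire_len < HEADER_LEN)              return FRAME_ERR_SHORT;
    if (wire[0] != 0x50 || wire[1] != 0x43) return FRAME_ERR_MAGIC;

    size_t total = read_be16(wire + 2);
    if (total < HEADER_LEN)                 return FRAME_ERR_LENGTH; /* would underflow */
    size_t payload_len = total - HEADER_LEN;                         /* cannot wrap now */

    if (payload_len > MAX_PAYLOAD || payload_len > out_cap) return FRAME_ERR_TOOBIG;
    if (total > wire_len)                   return FRAME_ERR_SHORT;  /* declared more than sent */

    memcpy(out, wire + HEADER_LEN, payload_len);
    *out_len = payload_len;
    return FRAME_OK;
}

/* Verdict-only wrapper for callers that do not need the payload. */
int frame_status(const uint8_t *wire, size_t wire_len) {
    uint8_t buf[MAX_PAYLOAD];
    size_t n = 0;
    return receive_frame(wire, wire_len, buf, sizeof buf, &n);
}

/* Constructed sample frames (not captured traffic). */
const uint8_t GOOD_FRAME[] = { 0x50, 0x43, 0x00, 0x0A, 'h', 'e', 'l', 'l', 'o', '!' }; /* total=10, payload=6 */
const uint8_t BAD_FRAME[]  = { 0x50, 0x43, 0x00, 0x02, 0xAA, 0xBB };                   /* total=2 < header: underflow */
const uint8_t LIAR_FRAME[] = { 0x50, 0x43, 0x00, 0x20, 0x01 };                         /* claims 32 bytes, sends 5 */
const uint8_t HUGE_FRAME[] = { 0x50, 0x43, 0xFF, 0xFF };                               /* claims 65535 bytes */

int main(void) {
    uint8_t buf[MAX_PAYLOAD];
    size_t n = 0;
    printf("naive payload length for BAD_FRAME: %zu (wrapped)\n", naive_payload_len(BAD_FRAME));
    printf("GOOD_FRAME -> %d, %zu payload bytes\n",
           receive_frame(GOOD_FRAME, sizeof GOOD_FRAME, buf, sizeof buf, &n), n);
    printf("BAD_FRAME  -> %d\n", frame_status(BAD_FRAME, sizeof BAD_FRAME));
    printf("LIAR_FRAME -> %d\n", frame_status(LIAR_FRAME, sizeof LIAR_FRAME));
    printf("HUGE_FRAME -> %d\n", frame_status(HUGE_FRAME, sizeof HUGE_FRAME));
    return 0;
}
```

The three rejections are the checks a reviewer should look for in any transport layer that reads attacker-supplied lengths: a declared length smaller than the fixed header (the underflow case), a declared length larger than what was actually received, and a declared length larger than the buffer it will be copied into. Rejecting the frame and dropping the connection is the right response to all three; a device that sends them is either broken or hostile.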

💻 Affected Systems

Products:
  • Apache PLC4X PLC4C (C language implementation)
Versions: All versions before 0.9.1
Operating Systems: All operating systems running PLC4C
Default Config Vulnerable: ⚠️ Yes
Notes: Only the C implementation (PLC4C) is affected, not the other PLC4X language implementations. Exploitation requires that the PLC4C client connect to a malicious or compromised device.

📦 What is this software?

Apache PLC4X is a set of libraries that give applications a uniform API for talking to programmable logic controllers (PLCs) over industrial protocols. It is implemented in several languages; PLC4C is the C implementation and is compiled into the application that uses it.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Memory corruption resulting from the underflow (for example an out-of-bounds read or copy sized by the wrapped value), which in the worst case could be escalated to remote code execution on the host running the PLC4C application, with consequent data theft or disruption of the industrial process it supervises.

🟠 Likely Case

Denial of service: the PLC4C-based application crashes or becomes unstable when it receives the crafted response, interrupting PLC communication.

🟢 If Mitigated

No impact if PLC4C applications only connect to trusted devices over properly segmented networks, since the attacker must be the party that supplies the response the client reads.

🌐 Internet-Facing: LOW - PLC4C is the client side of the connection; the risk comes from which devices it connects to, not from the host being reachable from the internet.
🏢 Internal Only: MEDIUM - Industrial networks often have less security monitoring, and a compromised device or host on the same segment can answer a PLC4C connection with a crafted response, but exploitation still requires the client to connect to it.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires the victim to actively connect to a malicious device. No public exploits known as of advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.9.1

Vendor Advisory: https://lists.apache.org/thread/jxx6qc84z60xbbhn6vp2s5qf09psrtc7

Restart Required: Yes

Instructions:

1. Obtain the Apache PLC4X 0.9.1 (or later) source release from the Apache repository; PLC4C is built from source.
2. Replace the existing PLC4C sources (including any copy vendored into an application's tree) with the new version and rebuild the library.
3. Recompile and relink every application that uses PLC4C, since the fix lives in code compiled into those binaries.
4. Restart the affected services so the rebuilt binaries are the ones running.

🔧 Temporary Workarounds

Network Segmentation (applies to: all platforms)

Restrict PLC4C applications to only connect to trusted, known-good industrial devices, and keep those devices on a segment that untrusted hosts cannot reach or impersonate.

Firewall Rules (applies to: all platforms)

Because PLC4C initiates the connections, the useful control is egress filtering: allow outbound connections from PLC4C hosts only to an allowlist of device addresses and industrial protocol ports, and block everything else.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate PLC4C systems from untrusted networks
  • Deploy intrusion detection systems to monitor for unusual PLC communication patterns

🔍 How to Verify

Check if Vulnerable:

PLC4C is compiled into the application that uses it, so the check is on the source that produced the binary: if the PLC4X release (or git tag) it was built from is older than 0.9.1, the application is vulnerable.

Check Version:

Look at the version recorded in the PLC4C source tree's build files or the release tag of the checkout used for the build. A copy of PLC4C vendored into an application's own source tree needs the same check; a package manager query will not find it.

Verify Fix Applied:

Confirm that the application was rebuilt against PLC4C 0.9.1 or later and redeployed. Updating the sources without rebuilding and restarting leaves the old code in the running binary.

📡 Detection & Monitoring

Log Indicators:

  • Crashes (segmentation faults, aborts) in processes that use PLC4C, especially shortly after a TCP session to a device is established
  • Unexpected TCP connection resets from industrial devices

Network Indicators:

  • Responses from a device whose declared lengths are inconsistent with the bytes actually sent (truncated, oversized or otherwise malformed frames)
  • Connections from PLC4C hosts to unknown IP addresses on industrial protocol ports

SIEM Query (template: PLC4C is a library and logs through the host application, so replace the source and field names with those of your application's logs):

source="plc4c" AND (event_type="crash" OR event_type="error")

🔗 References

  • Vendor advisory: https://lists.apache.org/thread/jxx6qc84z60xbbhn6vp2s5qf09psrtc7
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2021-43083
