Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line.
AnalysisAI
Unauthenticated remote attackers can manipulate Modbus register inputs in GPL Odorizers GPL750 industrial control systems (XL4, XL4 Prime, XL7, XL7 Prime variants across versions 1.0-20.0), causing incorrect odorant injection volumes into natural gas distribution pipelines. Authentication bypass (CWE-306) via network-accessible Modbus interface permits direct register value tampering without credential validation, enabling safety-critical process manipulation. No public exploit identified at time of analysis.
Technical ContextAI
Missing authentication on Modbus TCP/IP protocol implementation allows unrestricted register write operations. CVSS vector confirms network attack vector with no authentication requirement (PR:N). CWE-306 authentication bypass permits direct manipulation of PLC registers controlling odorant injection pump rates and volume calculations in industrial gas odorization equipment.
RemediationAI
Vendor-released patch: upgrade GPL750 (XL4) and (XL4 Prime) to v6.0 or later; upgrade GPL750 (XL7) and (XL7 Prime) to v20.0 or later per CISA advisory. Until patching, implement network segmentation isolating Modbus interfaces from untrusted networks, deploy industrial firewalls with strict IP whitelisting for PLC access, and enable authentication mechanisms on upstream SCADA/HMI systems. Monitor Modbus traffic for unexpected register write operations to addresses controlling odorant injection parameters. Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-26-099-02
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21066
GHSA-frgm-v97w-x7w6