CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Description
A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line.
Analysis
Unauthenticated remote attackers can manipulate Modbus register inputs in GPL Odorizers GPL750 industrial control systems (XL4, XL4 Prime, XL7 and XL7 Prime variants, versions 1.0-20.0), causing incorrect odorant injection volumes into natural gas distribution pipelines. Authentication bypass (CWE-306) via the network-accessible Modbus interface permits direct tampering with register values without credential validation, enabling manipulation of a safety-critical process. …
Remediation
Within 24 hours: Inventory all GPL Odorizers GPL750 devices (XL4, XL4 Prime, XL7, XL7 Prime) and document network connectivity; notify plant operations and safety teams of the vulnerability.
Within 7 days: Implement network segmentation to isolate Modbus interfaces from untrusted networks; enable access control lists restricting Modbus port access to authorized engineering workstations only; deploy network monitoring on Modbus traffic for anomalous register write attempts. …
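The write-monitoring step above, sketched as an added example (not part of the advisory or any vendor tooling): it parses Modbus/TCP requests and flags coil or register writes from sources outside an allowlist. The IP addresses, the allowlist and the sample frames are constructed for illustration.

```python
import struct

# Modbus function codes that modify coils or holding registers.
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
    0x16: "Mask Write Register", 0x17: "Read/Write Multiple Registers",
}
MULTI = (0x0F, 0x10, 0x17)  # requests that carry a start address and a quantity
# Assumption: the only host permitted to write (constructed address).
AUTHORIZED_WRITERS = {"10.20.0.5"}

# Constructed sample traffic: (source IP, Modbus/TCP request bytes).
SAMPLE = [
    ("10.20.0.5", bytes.fromhex("000100000006010600100064")),    # authorized write
    ("10.20.0.77", bytes.fromhex("000200000006010300000002")),   # read, ignored
    ("10.20.0.77", bytes.fromhex("0003000000060106001003e8")),   # unauthorized write
    ("10.20.0.77", bytes.fromhex("00040000000b0110002000020400010002")),
]

def parse_request(adu: bytes):
    """Parse a Modbus/TCP request; return None if the ADU is malformed."""
    if len(adu) < 8:  # MBAP header (7 bytes) + function code (1 byte)
        return None
    _tid, proto, length, unit, func = struct.unpack(">HHHBB", adu[:8])
    # Protocol id must be 0; the length field counts unit id + PDU.
    if proto != 0 or length != len(adu) - 6:
        return None
    data = adu[8:]
    if func not in WRITE_FUNCTIONS:
        return {"unit": unit, "func": func, "write": False}
    # In 0x17 the write address/quantity follow the read address/quantity.
    offset = 4 if func == 0x17 else 0
    need = offset + (4 if func in MULTI else 2)
    if len(data) < need:
        return None
    addr = struct.unpack_from(">H", data, offset)[0]
    count = struct.unpack_from(">H", data, offset + 2)[0] if func in MULTI else 1
    return {"unit": unit, "func": func, "write": True, "addr": addr, "count": count}

def find_unauthorized_writes(records, allowed=AUTHORIZED_WRITERS):
    """Return (src, function, address, count) for writes from unlisted sources."""
    alerts = []
    for src, adu in records:
        req = parse_request(adu)
        if req and req["write"] and src not in allowed:
            alerts.append((src, WRITE_FUNCTIONS[req["func"]], req["addr"], req["count"]))
    return alerts
```

In a deployment the records would come from a span port or tap on the segment carrying Modbus traffic rather than from an inline list.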
EUVD-2026-21066
GHSA-frgm-v97w-x7w6