CVE-2026-51218
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
A heap buffer overflow was discovered in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3. This vulnerability allows an attacker to cause a Denial of Service (DoS) by sending a crafted packet.
Risk Assessment
An attacker can remotely crash the snap7 server, disrupting communication with industrial devices and potentially causing production downtime.
Recommendation
Immediately update snap7 to version 1.4.4 or later if available. If an update is not possible, restrict access to the snap7 server to trusted networks and apply packet filtering.
Original NVD description (English source)
A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

