Software-Based PLC Flaws Enable Windows Box Code Execution

Claroty/Team82 disclosed multiple critical vulnerabilities in Opto 22 SoftPAC Project (<= 9.6) that allow unauthenticated remote control of the SoftPAC Agent over TCP port 22000, installation of unsigned firmware, zip-slip path traversal resulting in arbitrary SYSTEM file writes, and DLL hijacking to achieve SYSTEM remote code execution; researchers demonstrated a full PoC chain in a lab environment and recommend updating to the latest SoftPAC and restricting access to port 22000 and network segmentation as immediate mitigations.