...
Grid Protection Alliance
Grid Solutions Division

Command Execution via Modified Adapter Code Injection in openPDC and openHistorian

July 2026
Vulnerability
...

Date Published: November 21, 2024

Affects: openPDC v2.9.318 and earlier, openHistorian v2.8.423 and earlier

Severity: Low

Overview

A criticial vulnerability has been identified in both openPDC and openHistorian, which allows an attacker with access to an authenticated user account and write access to the file system, to perform command execution by leveraging a vulnerability in the adapter loading mechanism. This flaw can potentially lead to the remote execution of arbitrary code while impersonating the account of the openPDC or openhistorian service, allowing an attacker to execute unauthorized code on affected systems.

Vulnerability Details

The vulnerability occurs when a user has access to the file system and is able to create a custom openPDC//openHsitorian adapter. The software does not verify authenticity or integrity of custom adapters when loading them. This allows an attacker to specify a malicous section of code that is designed to look like a standard openPDC or openHistorian adapter, enabling them to gain command execution privileges.

Impact

If successfully exploited, an attacker could:

Execute arbitrary commands on the target system with the privileges of the affected application.

Potentially gain remote control of the affected system, compromising its integrity, confidentiality, and availability.

The severity of this vulnerability depends on the application configuration, but it could lead to a full system compromise in the most critical scenarios.

Mitigation/Remediation

GPA has added additional verification and integration checks of adapters in openHistorian verion 2.8.580 and later and openPDC version 2.9.477 and later.

In the meantime the following actions can prevent an attacher from exploiting this vulnerability:

Restrict system permissions: Apply the principle of least privilege by ensuring that the openPDC and openHistorian services run with minimal privileges to reduce the impact of a successful attack.

Restrict write access to the openPDC and openHistorian root folder to required accounts only. This prevents an attacker from adding any malicous code that triggers this vulnerability.

Ensure password complexity requirments are sufficent: In order to exploit this vulnerability an attacker needs access to an authenticated user account.

Monitor logs for unusual activity: Review system and application logs for signs of unauthorized file writes or attempts to exploit this vulnerability.

Use updated anti malware and make use of regular malware scans on the system. All GPA provided assemblies are signed with a digital signature, and GPA is happy to provide hash information for all files that are installed as part of the application.

Disclaimer

The information provided in this advisory is provided "as is" and does not guarantee the security of systems. We strongly recommend that users apply patches as soon as they are available and follow best practices for securing systems against known vulnerabilities. A vulnerability has been identified in both openPDC and openHistorian, which allows an attacker to perform command execution by leveraging unsigned custom adapters. Based on typical deployments and migitation available via the use of standard security practices, this has been classified as low.