SCA: security update for openc3 (GHSA-4jvx-93h3-f45h)

medium Tenable Cloud Security Plugin ID 440747

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more
embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the
save_tool_config() function that allows saving tool configuration files at arbitrary locations inside the
shared /plugins directory tree by supplying crafted configuration filenames. Although the implementation
sufficiently mitigates standard path traversal attacks by canonicalizing the filename to an absolute path,
all plugins share this same root directory. That enables users to create arbitrary file structures and
overwrite existing configuration files within the shared /plugins directory. This issue has been patched
in versions 6.10.5 and 7.0.0-rc3. (CVE-2026-42085)

Solution

Update the openc3 library and its related packages to version 6.10.5 or later.

See Also

https://github.com/advisories/GHSA-4jvx-93h3-f45h

Plugin Details

Severity: Medium

ID: 440747

Version: Revision 1.6

Type: Local

Family: SCA Checks

Published: 4/23/2026

Updated: 5/30/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 1.2

Percentile: 0.01

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS Score Source: CVE-2026-42085

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/22/2026

Vulnerability Publication Date: 4/22/2026

Reference Information

CVE: CVE-2026-42085

CWE: CWE-23