GPL Odorizers GPL750 Missing Authentication for Critical Function
Summary
| CVE | CVE-2026-4436 |
|---|---|
| State | PUBLISHED |
| Assigner | icscert |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-09 20:16:27 UTC |
| Updated | 2026-04-13 15:02:27 UTC |
| Description | A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line. |
Risk And Classification
Primary CVSS: v3.1 8.6 HIGH from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS: 0.000630000 probability, percentile 0.197060000 (date 2026-04-15)
Problem Types: CWE-306 | CWE-306 CWE-306
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Secondary | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
| 3.1 | CNA | CVSS | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
CVSS v3.1 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | GPL Odorizers | GPL750 XL4 | affected v1.0 v6.0 custom | Not specified |
| CNA | GPL Odorizers | GPL750 XL4 Prime | affected v4.0 v6.0 custom | Not specified |
| CNA | GPL Odorizers | GPL Odorizers GPL750 XL7 | affected v13.0 v20.0 custom | Not specified |
| CNA | GPL Odorizers | GPL Odorizers GPL750 XL7 Prime | affected v18.4 v20.0 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| lincenergysystems-my.sharepoint.com/:f:/p/h_baer/IgDYaHIhXpyLQJvnKPd6b80TAUgV7Lp8qmVYBFUb0lmr7ak | [email protected] | lincenergysystems-my.sharepoint.com | |
| www.cisa.gov/news-events/ics-advisories/icsa-26-099-02 | [email protected] | www.cisa.gov | |
| github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-09... | [email protected] | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: An anonymous researcher reported this vulnerability to CISA. (en)
Additional Advisory Data
Solutions
CNA: GPL Odorizers recommends users update to the latest software version of the GPL750 in connection with the latest firmware from Horner Automation for the XL4, XL4 Prime, XL7, and XL7 Prime devices.https://lincenergysystems-my.sharepoint.com/:f:/p/h_baer/IgDYaHIhXpyLQJvnKPd6b80TAUgV7Lp8qmVYBFUb0lmr7ak?e=JLeADm. https://lincenergysystems-my.sharepoint.com/:f:/p/h_baer/IgDYaHIhXpyLQJvnKPd6b80TAUgV7Lp8qmVYBFUb0lmr7ak?e=JLeADm
CNA: GPL Odorizers recommends users clear the old files from their microSD cards, keeping only the LOGS folder and the FIRMWARE.LIC file if they have a WebMI license. The compressed folder downloaded from the link above can then be extracted to the root directory of the microSD card. These files already include the corresponding firmware update. If users do not have IT permissions to access their microSD cards, GPL Odorizers can provide preconfigured SD cards that technicians can simply swap into their odorizers prior to installation.
CNA: For assistance in updating GPL Odorizers to the latest version, users should reach out to GPL Odorizers directly via phone number (303) 697-6701 during the hours of 8:00 a.m. to 4:00 p.m. MST.
CNA: Horner Automation offers firmware version 15.76 for their XL Series and version 17.30 for their XL Prime Series controllers. An installation guide is available for both the XL series and the XL Prime series. https://hornerautomation.com/controller-firmware/