Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification MMS protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial...

CVE-2022-2971 MZ Automation libIEC61850 Access of Resource Using Incompatible Type ('Type Confusion')

MZ Automation's libIEC61850 versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload...

CVE-2022-2971

CVE-2022-2971 affects MZ Automation libIEC61850 (versions 1.4 and prior; 1.5 prior to commit a3b04b7) and is a type confusion vulnerability that could cause the server to crash when handling a malicious payload. The available documents identify the root cause as accessing a resource using an inco...

CVE-2022-2971 MZ Automation libIEC61850 Access of Resource Using Incompatible Type ('Type Confusion')

MZ Automation's libIEC61850 versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload...

CVE-2022-2971

creationtimestamp| type| source ---|---|--- 2022-09-09 18:30:04+00:00| seen| https://t.me/truesecator/3399 2022-09-09 19:20:23+00:00| seen| https://t.me/icscert/596 2022-09-23 20:43:49+00:00| seen| https://t.me/cibsecurity/50361...