Libiec61850 Security Vulnerabilities and Issues — Libiec61850 CVE List

Lucene search

Mz-automationLibiec61850

33 matches found

CVE•added 2024/02/20 4:15 p.m.•4262 views

CVE-2024-25366

Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 allows a remote attacker to cause a denial of service via the mmsServer_handleGetNameListRequest function to the mms_getnamelist_service component.

6.2CVSS6.8AI score0.00714EPSS

CVE•added 2019/09/19 4:15 p.m.•104 views

CVE-2019-16510

libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.

7.5CVSS7.5AI score0.00393EPSS

CVE•added 2023/04/13 6:15 p.m.•102 views

CVE-2023-27772

libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.

7.5CVSS7.5AI score0.00175EPSS

CVE•added 2019/12/23 3:15 a.m.•99 views

CVE-2019-19930

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.

6.5CVSS6.4AI score0.00433EPSS

CVE•added 2019/12/23 3:15 a.m.•92 views

CVE-2019-19931

In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.

8.8CVSS8.7AI score0.00512EPSS

CVE•added 2022/04/12 8:15 a.m.•72 views

CVE-2022-1302

In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.

7.5CVSS7.4AI score0.0098EPSS

CVE•added 2022/04/15 4:15 p.m.•64 views

CVE-2022-21159

A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to trigger this vulnerability...

7.5CVSS7.3AI score0.00547EPSS

CVE•added 2018/11/05 10:29 p.m.•58 views

CVE-2018-18957

An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.

9.8CVSS9.7AI score0.08069EPSS

CVE•added 2024/06/11 7:16 p.m.•49 views

CVE-2024-36702

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c.

7.4CVSS7.7AI score0.00089EPSS

CVE•added 2018/11/07 7:29 p.m.•46 views

CVE-2018-19093

An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2022/09/23 4:15 p.m.•46 views

CVE-2022-2972

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code.

10CVSS9.8AI score0.00313EPSS

CVE•added 2022/11/13 2:15 p.m.•46 views

CVE-2022-3976

A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to path traversal. Upgr...

8.8CVSS7.3AI score0.00048EPSS

CVE•added 2022/09/23 4:15 p.m.•45 views

CVE-2022-2970

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.

10CVSS9.8AI score0.00273EPSS

CVE•added 2019/12/24 10:15 p.m.•44 views

CVE-2019-19958

In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.

6.5CVSS6.3AI score0.00433EPSS

CVE•added 2018/11/09 11:29 a.m.•42 views

CVE-2018-19122

An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.

4.3CVSS4.6AI score0.0026EPSS

CVE•added 2022/01/14 8:15 p.m.•41 views

CVE-2021-45769

A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.

7.5CVSS7.4AI score0.00281EPSS

CVE•added 2022/09/23 4:15 p.m.•41 views

CVE-2022-2971

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload.

8.6CVSS8AI score0.00099EPSS

CVE•added 2020/01/14 9:15 p.m.•39 views

CVE-2020-7054

MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.

8.8CVSS8.9AI score0.00661EPSS

CVE•added 2024/03/21 2:52 a.m.•37 views

CVE-2024-28286

In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handleFileCloseRequest.c function of src/mms/iso_mms/server/mms_file_service.c. The vulnerability manifests as SEGV and causes the application to crash

7.5CVSS6.7AI score0.0009EPSS

CVE•added 2018/11/05 9:29 a.m.•36 views

CVE-2018-18937

An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.

7.5CVSS7.5AI score0.00336EPSS

CVE•added 2019/01/23 10:29 p.m.•36 views

CVE-2019-6719

An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.

7.5CVSS7.5AI score0.00393EPSS

CVE•added 2018/11/12 5:29 a.m.•35 views

CVE-2018-19185

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.

9.8CVSS9.7AI score0.00459EPSS

CVE•added 2019/12/24 10:15 p.m.•35 views

CVE-2019-19957

In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.

6.5CVSS6.3AI score0.00433EPSS

CVE•added 2019/01/11 5:29 p.m.•35 views

CVE-2019-6135

An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2019/01/11 5:29 p.m.•35 views

CVE-2019-6138

An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850...

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2022/09/23 4:15 p.m.•35 views

CVE-2022-2973

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server.

8.6CVSS7.9AI score0.00124EPSS

CVE•added 2019/12/23 7:15 p.m.•34 views

CVE-2019-19944

In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.

6.5CVSS6.4AI score0.00433EPSS

CVE•added 2024/03/13 8:15 a.m.•34 views

CVE-2024-26529

An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c.

7.5CVSS6.8AI score0.00605EPSS

CVE•added 2018/10/30 6:29 a.m.•33 views

CVE-2018-18834

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.

9.8CVSS9.6AI score0.00459EPSS

CVE•added 2020/08/26 6:15 p.m.•33 views

CVE-2020-15158

In libIEC61850 before version 1.4.3, when a message with COTP message length field with value

9.8CVSS8.8AI score0.0238EPSS

CVE•added 2019/07/15 6:15 p.m.•32 views

CVE-2019-1010300

mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.

7.5CVSS7.5AI score0.00297EPSS

CVE•added 2019/01/11 5:29 p.m.•31 views

CVE-2019-6136

An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2018/11/09 11:29 a.m.•30 views

CVE-2018-19121

An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.

4.3CVSS4.6AI score0.00222EPSS