Libiec61850 Security Vulnerabilities and Issues — Libiec61850 CVE List

Lucene search

Mz-automationLibiec61850

11 matches found

CVE•added 2019/09/19 4:15 p.m.•104 views

CVE-2019-16510

libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.

7.5CVSS7.5AI score0.00393EPSS

CVE•added 2019/12/23 3:15 a.m.•99 views

CVE-2019-19930

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.

6.5CVSS6.4AI score0.00433EPSS

CVE•added 2019/12/23 3:15 a.m.•92 views

CVE-2019-19931

In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.

8.8CVSS8.7AI score0.00512EPSS

CVE•added 2019/12/24 10:15 p.m.•44 views

CVE-2019-19958

In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.

6.5CVSS6.3AI score0.00433EPSS

CVE•added 2019/01/23 10:29 p.m.•36 views

CVE-2019-6719

An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.

7.5CVSS7.5AI score0.00393EPSS

CVE•added 2019/12/24 10:15 p.m.•35 views

CVE-2019-19957

In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.

6.5CVSS6.3AI score0.00433EPSS

CVE•added 2019/01/11 5:29 p.m.•35 views

CVE-2019-6135

An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2019/01/11 5:29 p.m.•35 views

CVE-2019-6138

An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850...

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2019/12/23 7:15 p.m.•34 views

CVE-2019-19944

In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.

6.5CVSS6.4AI score0.00433EPSS

CVE•added 2019/07/15 6:15 p.m.•32 views

CVE-2019-1010300

mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.

7.5CVSS7.5AI score0.00297EPSS

CVE•added 2019/01/11 5:29 p.m.•31 views

CVE-2019-6136

An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.

7.5CVSS7.5AI score0.00334EPSS