Filtered by vendor Mz-automation
Subscribe
Search
Total
15 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21159 | 1 Mz-automation | 1 Libiec61850 | 2022-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to trigger this vulnerability. | |||||
| CVE-2021-45773 | 1 Mz-automation | 1 Lib60870 | 2022-01-22 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash. | |||||
| CVE-2021-45769 | 1 Mz-automation | 1 Libiec61850 | 2022-01-21 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. | |||||
| CVE-2021-21778 | 1 Mz-automation | 1 Lib60870 | 2021-08-31 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. | |||||
| CVE-2019-6136 | 1 Mz-automation | 1 Libiec61850 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c. | |||||
| CVE-2019-6135 | 1 Mz-automation | 1 Libiec61850 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c. | |||||
| CVE-2019-6138 | 1 Mz-automation | 1 Libiec61850 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850_9_2_LE_example.c. | |||||
| CVE-2020-7054 | 1 Mz-automation | 1 Libiec61850 | 2020-01-24 | 6.8 MEDIUM | 8.8 HIGH |
| MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. | |||||
| CVE-2019-19931 | 1 Mz-automation | 1 Libiec61850 | 2019-12-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | |||||
| CVE-2018-19093 | 1 Mz-automation | 1 Libiec61850 | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program. | |||||
| CVE-2019-16510 | 1 Mz-automation | 1 Libiec61850 | 2019-09-19 | 5.0 MEDIUM | 7.5 HIGH |
| libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | |||||
| CVE-2019-1010300 | 1 Mz-automation | 1 Libiec61850 | 2019-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | |||||
| CVE-2019-6719 | 1 Mz-automation | 1 Libiec61850 | 2019-02-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c. | |||||
| CVE-2019-6137 | 1 Mz-automation | 1 Lib60870 | 2019-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | |||||
| CVE-2018-18937 | 1 Mz-automation | 1 Libiec61850 | 2018-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. | |||||