Mz-automation Libiec61850

35 CVEs affecting Mz-automation Libiec61850. Latest disclosed: 2024-11-15. Critical: 7, High: 20.

Top CVEs affecting Mz-automation Libiec61850
CVESeverityScorePublishedSummary
CVE-2022-2972Critical10.02022-09-23MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffe…
CVE-2022-2970Critical10.02022-09-23MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcp…
CVE-2024-45971Critical9.82024-11-15Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cau…
CVE-2024-45970Critical9.82024-11-15Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cau…
CVE-2018-19185Critical9.82018-11-12An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable…
CVE-2018-18957Critical9.82018-11-05An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
CVE-2018-18834Critical9.82018-10-30An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
CVE-2020-7054High8.82020-01-14MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING…
CVE-2019-19931High8.82019-12-23In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
CVE-2022-2973High8.62022-09-23MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situa…
CVE-2022-2971High8.62022-09-23MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompa…
CVE-2020-15158High7.72020-08-26In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap…
CVE-2024-28286High7.52024-03-21In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handleFileCloseRequest.c function of src/mms/iso_mms/server/mms_f…
CVE-2024-26529High7.52024-03-13An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariab…
CVE-2023-27772High7.52023-04-13libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.
CVE-2022-21159High7.52022-04-15A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of…
CVE-2022-1302High7.52022-04-12In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.
CVE-2021-45769High7.52022-01-14A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application cras…
CVE-2019-16510High7.52019-09-19libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
CVE-2019-1010300High7.52019-07-15mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The…