cbcvebase.

Mz-Automation Libiec61850 vulnerabilities

35 known vulnerabilities affecting mz-automation/libiec61850.

Total CVEs
35
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH20MEDIUM7

Vulnerabilities

Page 1 of 2
CVE-2018-18957P2CRITICALCVSS 9.8PoCv1.32018-11-05
CVE-2018-18957 [CRITICAL] CWE-787 CVE-2018-18957: An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuff An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
nvd
CVE-2022-2970P3CRITICALCVSS 9.8fixed in 1.5.02022-09-23
CVE-2022-2970 [CRITICAL] CWE-121 CVE-2022-2970: MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.
nvd
CVE-2022-2972P3CRITICALCVSS 9.8fixed in 1.5.02022-09-23
CVE-2022-2972 [CRITICAL] CWE-121 CVE-2022-2972: MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code.
nvd
CVE-2024-45970P3CRITICALCVSS 9.8fixed in 1.6.02024-11-15
CVE-2024-45970 [CRITICAL] CWE-120 CVE-2024-45970: Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281 Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message.
nvd
CVE-2024-45971P3CRITICALCVSS 9.8fixed in 1.6.02024-11-15
CVE-2024-45971 [CRITICAL] CWE-120 CVE-2024-45971: Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae0 Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message.
nvd
CVE-2020-15158P3CRITICALCVSS 9.8≥ 1.4.0, < 1.4.3fixed in 1.4.32020-08-26
CVE-2020-15158 [CRITICAL] CWE-119 CVE-2020-15158: In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in open networks or there are untrusted nodes in the
nvd
CVE-2022-3976P3HIGHCVSS 8.8fixed in 1.52022-11-13
CVE-2022-3976 [HIGH] CWE-22 CVE-2022-3976: A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. Th A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to path traversal. Upgrading to version 1.5 is able to address this issue. The n
nvd
CVE-2018-19185P3CRITICALCVSS 9.8v1.32018-11-12
CVE-2018-19185 [CRITICAL] CVE-2018-19185: An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encode An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
nvd
CVE-2018-18834P3CRITICALCVSS 9.8v1.32018-10-30
CVE-2018-18834 [CRITICAL] CWE-787 CVE-2018-18834: An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encode An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
nvd
CVE-2019-19931P3HIGHCVSS 8.8v1.4.02019-12-23
CVE-2019-19931 [HIGH] CWE-787 CVE-2019-19931: In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-ba In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
nvd
CVE-2022-2971P3HIGHCVSS 7.5fixed in 1.5.02022-09-23
CVE-2022-2971 [HIGH] CWE-843 CVE-2022-2971: MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload.
nvd
CVE-2020-7054P3HIGHCVSS 8.8≤ 1.4.02020-01-14
CVE-2020-7054 [HIGH] CWE-787 CVE-2020-7054: MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.
nvd
CVE-2022-21159P3HIGHCVSS 7.5v1.5.02022-04-15
CVE-2022-21159 [HIGH] CWE-835 CVE-2022-21159: A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automa A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to trigger this vulnerability.
nvd
CVE-2022-1302P3HIGHCVSS 7.5fixed in 1.5.12022-04-12
CVE-2022-1302 [HIGH] CWE-20 CVE-2022-1302: In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.
nvd
CVE-2022-2973P3HIGHCVSS 7.5fixed in 1.5.02022-09-23
CVE-2022-2973 [HIGH] CWE-476 CVE-2022-2973: MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server.
nvd
CVE-2019-1010300P3HIGHCVSS 7.5v1.3.0v1.3.1+2 more2019-07-15
CVE-2019-1010300 [HIGH] CWE-119 CVE-2019-1010300: mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
nvd
CVE-2024-28286P3HIGHCVSS 7.5v1.4.02024-03-21
CVE-2024-28286 [HIGH] CWE-476 CVE-2024-28286: In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handle In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handleFileCloseRequest.c function of src/mms/iso_mms/server/mms_file_service.c. The vulnerability manifests as SEGV and causes the application to crash
nvd
CVE-2023-27772P3HIGHCVSS 7.5v1.5.12023-04-13
CVE-2023-27772 [HIGH] CWE-754 CVE-2023-27772: libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObject libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.
nvd
CVE-2024-26529P3HIGHCVSS 7.5≤ 1.5.32024-03-13
CVE-2024-26529 [HIGH] CVE-2024-26529: An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c.
nvd
CVE-2024-36702P3HIGHCVSS 7.4v1.52024-06-11
CVE-2024-36702 [HIGH] CWE-787 CVE-2024-36702: libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c.
nvd
Mz-Automation Libiec61850 vulnerabilities | cvebase