CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1302 – Malformed Goose Message in LibIEC61850 may result in a denial of service
https://notcve.org/view.php?id=CVE-2022-1302
In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service. En el MZ Automation LibIEC61850 en versiones anteriores a 1.5.1 un atacante no autenticado puede diseñar un mensaje de ganso, lo que puede resultar en una denegación de servicio • https://libiec61850.com/new-release-1-5-1-of-libiec61850 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-15158 – Heap buffer overflow in libIEC61850
https://notcve.org/view.php?id=CVE-2020-15158
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in open networks or there are untrusted nodes in the network it is highly recommend to apply the patch. This was patched with commit 033ab5b. Users of version 1.4.x should upgrade to version 1.4.3 when available. • https://github.com/mz-automation/libiec61850/commit/033ab5b6488250c8c3b838f25a7cbc3e099230bb https://github.com/mz-automation/libiec61850/issues/250 https://github.com/mz-automation/libiec61850/security/advisories/GHSA-pq77-fmf7-hjw8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-7054
https://notcve.org/view.php?id=CVE-2020-7054
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. La función MmsValue_decodeMmsData en el archivo mms/iso_mms/server/mms_access_result.c en libIEC61850 versión 1.4.0, presenta un desbordamiento de búfer en la región heap de la memoria cuando se analiza el tipo de datos MMS_BIT_STRING. • https://github.com/mz-automation/libiec61850/issues/200 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19958
https://notcve.org/view.php?id=CVE-2019-19958
In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. En libIEC61850 versión 1.4.0, la función StringUtils_createStringFromBuffer en el archivo common/string_utilities.c presenta un problema con la propiedad signedness de enteros que podría conllevar un intento de asignación excesiva de memoria y una denegación de servicio. • https://github.com/mz-automation/libiec61850/issues/198 • CWE-681: Incorrect Conversion between Numeric Types CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19957
https://notcve.org/view.php?id=CVE-2019-19957
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. En libIEC61850 versión 1.4.0, la función getNumberOfElements en el archivo mms/iso_mms/server/mms_access_result.c presenta una vulnerabilidad de lectura fuera de límites, relacionada con bufPos y elementLength. • https://github.com/mz-automation/libiec61850/issues/197 • CWE-125: Out-of-bounds Read •