CVE-2020-18731
Description
A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null pointer dereference in IEC104 v1.0's Iec104_Deal_FirmUpdate function leads to denial of service.
Vulnerability
A segmentation violation occurs in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 due to a null pointer dereference [1]. This vulnerability can be triggered via specially crafted input.
Exploitation
An attacker can cause the segmentation violation by sending a malicious IEC104 message to the vulnerable function, leading to a crash.
Impact
Successful exploitation results in a denial of service (DoS) due to program termination.
Mitigation
No patch or workaround has been disclosed in the available references. Users are advised to contact the maintainer or monitor for updates.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- IEC104/IEC104description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- cwe.mitre.org/data/definitions/476.htmlmitrex_refsource_MISC
- github.com/airpig2011/IEC104/issues/5mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.