Libiec61850
Source repositories
CVEs (35)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-19957 | 0.00 | — | 0.01 | Dec 24, 2019 | In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. | |||
| CVE-2019-19944 | 0.00 | — | 0.01 | Dec 23, 2019 | In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. | |||
| CVE-2019-19931 | 0.00 | — | 0.01 | Dec 23, 2019 | In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | |||
| CVE-2019-16510 | 0.00 | — | 0.01 | Sep 19, 2019 | libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | |||
| CVE-2019-1010300 | 0.00 | — | 0.01 | Jul 15, 2019 | mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | |||
| CVE-2019-6719 | 0.00 | — | 0.01 | Jan 23, 2019 | An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c. | |||
| CVE-2019-6135 | 0.00 | — | 0.02 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c. | |||
| CVE-2019-6136 | 0.00 | — | 0.01 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c. | |||
| CVE-2019-6138 | 0.00 | — | 0.01 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as… | |||
| CVE-2018-19185 | 0.00 | — | 0.02 | Nov 12, 2018 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector. | |||
| CVE-2018-19122 | 0.00 | — | 0.01 | Nov 9, 2018 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c. | |||
| CVE-2018-19121 | 0.00 | — | 0.01 | Nov 9, 2018 | An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c. | |||
| CVE-2018-19093 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program | |||
| CVE-2018-18937 | 0.00 | — | 0.02 | Nov 5, 2018 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. | |||
| CVE-2018-18834 | 0.00 | — | 0.02 | Oct 30, 2018 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. |
- CVE-2019-19957Dec 24, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.
- CVE-2019-19944Dec 23, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
- CVE-2019-19931Dec 23, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
- CVE-2019-16510Sep 19, 2019risk 0.00cvss —epss 0.01
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
- CVE-2019-1010300Jul 15, 2019risk 0.00cvss —epss 0.01
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
- CVE-2019-6719Jan 23, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.
- CVE-2019-6135Jan 11, 2019risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.
- CVE-2019-6136Jan 11, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
- CVE-2019-6138Jan 11, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as…
- CVE-2018-19185Nov 12, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
- CVE-2018-19122Nov 9, 2018risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
- CVE-2018-19121Nov 9, 2018risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.
- CVE-2018-19093Nov 7, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program
- CVE-2018-18937Nov 5, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
- CVE-2018-18834Oct 30, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
Page 2 of 2