Vendor CVEs
Mz Automation
All CVEs
39 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-45969 | Hig | 0.42 | 7.5 | 0.00 | Nov 15, 2024 | NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message. | ||
| CVE-2018-18957 | 0.03 | — | 0.12 | Nov 5, 2018 | An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c. | |||
| CVE-2024-45970 | 0.00 | — | 0.01 | Nov 15, 2024 | Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message. | |||
| CVE-2024-45971 | 0.00 | — | 0.01 | Nov 15, 2024 | Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message. | |||
| CVE-2024-36702 | 0.00 | — | 0.00 | Jun 11, 2024 | libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c. | |||
| CVE-2024-28286 | 0.00 | — | 0.01 | Mar 20, 2024 | In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handleFileCloseRequest.c function of src/mms/iso_mms/server/mms_file_service.c. The vulnerability manifests as SEGV and causes the application to crash | |||
| CVE-2024-26529 | 0.00 | — | 0.01 | Mar 13, 2024 | An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c. | |||
| CVE-2024-25366 | 0.00 | — | 0.01 | Feb 20, 2024 | Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 allows a remote attacker to cause a denial of service via the mmsServer_handleGetNameListRequest function to the mms_getnamelist_service component. | |||
| CVE-2023-27772 | 0.00 | — | 0.01 | Apr 13, 2023 | libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c. | |||
| CVE-2023-23205 | 0.00 | — | 0.00 | Feb 24, 2023 | An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multi_client_server/multi_client_server.c. | |||
| CVE-2022-3976 | 0.00 | — | 0.00 | Nov 13, 2022 | A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to… | |||
| CVE-2022-2970 | 0.00 | — | 0.01 | Sep 23, 2022 | MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code. | |||
| CVE-2022-2972 | 0.00 | — | 0.01 | Sep 23, 2022 | MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code. | |||
| CVE-2022-2971 | 0.00 | — | 0.01 | Sep 23, 2022 | MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload. | |||
| CVE-2022-2973 | 0.00 | — | 0.01 | Sep 23, 2022 | MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server. | |||
| CVE-2022-21159 | 0.00 | — | 0.02 | Apr 15, 2022 | A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to… | |||
| CVE-2022-1302 | 0.00 | — | 0.01 | Apr 12, 2022 | In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service. | |||
| CVE-2021-45773 | 0.00 | — | 0.01 | Jan 14, 2022 | A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash. | |||
| CVE-2021-45769 | 0.00 | — | 0.01 | Jan 14, 2022 | A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. | |||
| CVE-2021-21778 | 0.00 | — | 0.01 | Aug 25, 2021 | A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. | |||
| CVE-2020-15158 | 0.00 | — | 0.02 | Aug 26, 2020 | In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your… | |||
| CVE-2020-7054 | 0.00 | — | 0.01 | Jan 14, 2020 | MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. | |||
| CVE-2019-19958 | 0.00 | — | 0.01 | Dec 24, 2019 | In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. | |||
| CVE-2019-19957 | 0.00 | — | 0.01 | Dec 24, 2019 | In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. | |||
| CVE-2019-19944 | 0.00 | — | 0.01 | Dec 23, 2019 | In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. | |||
| CVE-2019-19931 | 0.00 | — | 0.01 | Dec 23, 2019 | In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | |||
| CVE-2019-16510 | 0.00 | — | 0.01 | Sep 19, 2019 | libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | |||
| CVE-2019-1010300 | 0.00 | — | 0.01 | Jul 15, 2019 | mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | |||
| CVE-2019-6719 | 0.00 | — | 0.01 | Jan 23, 2019 | An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c. | |||
| CVE-2019-6137 | 0.00 | — | 0.01 | Jan 11, 2019 | An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | |||
| CVE-2019-6138 | 0.00 | — | 0.01 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as… | |||
| CVE-2019-6135 | 0.00 | — | 0.02 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c. | |||
| CVE-2019-6136 | 0.00 | — | 0.01 | Jan 11, 2019 | An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c. | |||
| CVE-2018-19185 | 0.00 | — | 0.02 | Nov 12, 2018 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector. | |||
| CVE-2018-19121 | 0.00 | — | 0.01 | Nov 9, 2018 | An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c. | |||
| CVE-2018-19122 | 0.00 | — | 0.01 | Nov 9, 2018 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c. | |||
| CVE-2018-19093 | 0.00 | — | 0.02 | Nov 7, 2018 | An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program | |||
| CVE-2018-18937 | 0.00 | — | 0.02 | Nov 5, 2018 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. | |||
| CVE-2018-18834 | 0.00 | — | 0.02 | Oct 30, 2018 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. |
- risk 0.42cvss 7.5epss 0.00
NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message.
- CVE-2018-18957Nov 5, 2018risk 0.03cvss —epss 0.12
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
- CVE-2024-45970Nov 15, 2024risk 0.00cvss —epss 0.01
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message.
- CVE-2024-45971Nov 15, 2024risk 0.00cvss —epss 0.01
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message.
- CVE-2024-36702Jun 11, 2024risk 0.00cvss —epss 0.00
libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c.
- CVE-2024-28286Mar 20, 2024risk 0.00cvss —epss 0.01
In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in the mmsServer_handleFileCloseRequest.c function of src/mms/iso_mms/server/mms_file_service.c. The vulnerability manifests as SEGV and causes the application to crash
- CVE-2024-26529Mar 13, 2024risk 0.00cvss —epss 0.01
An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c.
- CVE-2024-25366Feb 20, 2024risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 allows a remote attacker to cause a denial of service via the mmsServer_handleGetNameListRequest function to the mms_getnamelist_service component.
- CVE-2023-27772Apr 13, 2023risk 0.00cvss —epss 0.01
libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.
- CVE-2023-23205Feb 24, 2023risk 0.00cvss —epss 0.00
An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multi_client_server/multi_client_server.c.
- CVE-2022-3976Nov 13, 2022risk 0.00cvss —epss 0.00
A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to…
- CVE-2022-2970Sep 23, 2022risk 0.00cvss —epss 0.01
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.
- CVE-2022-2972Sep 23, 2022risk 0.00cvss —epss 0.01
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code.
- CVE-2022-2971Sep 23, 2022risk 0.00cvss —epss 0.01
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload.
- CVE-2022-2973Sep 23, 2022risk 0.00cvss —epss 0.01
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server.
- CVE-2022-21159Apr 15, 2022risk 0.00cvss —epss 0.02
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to…
- CVE-2022-1302Apr 12, 2022risk 0.00cvss —epss 0.01
In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.
- CVE-2021-45773Jan 14, 2022risk 0.00cvss —epss 0.01
A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash.
- CVE-2021-45769Jan 14, 2022risk 0.00cvss —epss 0.01
A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.
- CVE-2021-21778Aug 25, 2021risk 0.00cvss —epss 0.01
A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability.
- CVE-2020-15158Aug 26, 2020risk 0.00cvss —epss 0.02
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your…
- CVE-2020-7054Jan 14, 2020risk 0.00cvss —epss 0.01
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.
- CVE-2019-19958Dec 24, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.
- CVE-2019-19957Dec 24, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.
- CVE-2019-19944Dec 23, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
- CVE-2019-19931Dec 23, 2019risk 0.00cvss —epss 0.01
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
- CVE-2019-16510Sep 19, 2019risk 0.00cvss —epss 0.01
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
- CVE-2019-1010300Jul 15, 2019risk 0.00cvss —epss 0.01
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
- CVE-2019-6719Jan 23, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.
- CVE-2019-6137Jan 11, 2019risk 0.00cvss —epss 0.01
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.
- CVE-2019-6138Jan 11, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as…
- CVE-2019-6135Jan 11, 2019risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.
- CVE-2019-6136Jan 11, 2019risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
- CVE-2018-19185Nov 12, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
- CVE-2018-19121Nov 9, 2018risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.
- CVE-2018-19122Nov 9, 2018risk 0.00cvss —epss 0.01
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
- CVE-2018-19093Nov 7, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program
- CVE-2018-18937Nov 5, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
- CVE-2018-18834Oct 30, 2018risk 0.00cvss —epss 0.02
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.