MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMz Automation Libiec61850
APPMz-Automation< 1.5.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2024-45970CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w MMS Client biblioteki LibIEC61850 (MZ Automation)
CVE-2024-45971CRITICAL9.8PL ✓ten sam produkt
Buffer overflow w MMS Client biblioteki LibIEC61850 — zdalne przejęcie kontroli
CVE-2022-2972CRITICAL10.0ten sam produkt
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fb...
CVE-2018-19185CRITICAL9.8ten sam produkt
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetStrin...
CVE-2018-18957CRITICAL9.8ten sam produkt
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goos...