Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mz-automation libiec61850 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-1010300
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
Mz-automation Libiec61850 1.3.1
Mz-automation Libiec61850 1.3.0
Mz-automation Libiec61850 1.3.2
8.8
CVSSv3
CVE-2022-3976
A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to p...
Mz-automation Libiec61850
7.5
CVSSv3
CVE-2022-2973
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an malicious user to crash the server.
Mz-automation Libiec61850
7.5
CVSSv3
CVE-2019-16510
libIEC61850 up to and including 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
Mz-automation Libiec61850
8.8
CVSSv3
CVE-2020-7054
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 up to and including 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.
Mz-automation Libiec61850
9.8
CVSSv3
CVE-2020-15158
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your a...
Mz-automation Libiec61850
7.5
CVSSv3
CVE-2022-1302
In the MZ Automation LibIEC61850 in versions before 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service.
Mz-automation Libiec61850
9.8
CVSSv3
CVE-2022-2970
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an malicious user to crash the device or remotely execute arbitrary code.
Mz-automation Libiec61850
7.5
CVSSv3
CVE-2022-2971
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an malicious user to crash the server with a malicious payload.
Mz-automation Libiec61850
9.8
CVSSv3
CVE-2022-2972
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an malicious user to crash the device or remotely execute arbitrary code.
Mz-automation Libiec61850
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »