Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-12480

Published: 30/05/2019 Updated: 19/07/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 506
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Bacnet Protocol Stack Project

Vulnerability Summary

BACnet Protocol Stack up to and including 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a malformed DCC in AtomicWriteFile, AtomicReadFile and DeviceCommunicationControl services. An unauthenticated remote attacker could cause a denial of service (bacserv daemon crash) because there is an invalid read in bacdcode.c during parsing of alarm tag numbers.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

bacnet protocol stack project bacnet protocol stack

Exploits

Exploit DB: BACnet Stack 0.8.6 - Denial of Service
# Exploit Title: BACnet Stack 086 - Denial of Service # Google Dork: [if applicable] # Date: 2019-07-19 # Exploit Author: mmorillo # Vendor Homepage: sourceforgenet/p/bacnet/ # Software Link: sourceforgenet/projects/bacnet/files/bacnet-stack/bacnet-stack-086/ # Version: bacnet-stack-086 # Tested on: Linux # CVE: CVE-2019-124 ...
Exploit DB: BACnet Stack 0.8.6 Denial Of Service
BACnet Stack version 086 suffers from a denial of service vulnerability ...

Github Repositories

https://github.com/whoami-chmod777/Awesome-Industrial-Protocols

Awesome Industrial Protocols Compilation of industrial network protocols resources focusing on offensive security In this repository: You are currently viewing the Awesome Industrial Protocols page Detailed pages for protocols are available in protocols All data is stored in MongoDB databases in db Turn/IP (in srcs) is a handy tool to manipulate this data, generate the aw

https://github.com/biero-el-corridor/OT_ICS_ressource_list

My personal OT resource list, gather throughout research and internet adventure.

OT_Resource_List My personal OT resource list, gathered through research and internet adventures Information If you are here to search for resources and mass information on different protocols and concepts, I advise you to go directly to the sections ics_ressource_pcap_dataset_collection, ICS_Lab_Setup_And_Hacking_Tutorial, and ICS_news_outlet The rest is just a compilation o

https://github.com/Orange-Cyberdefense/awesome-industrial-protocols

Security-oriented list of resources about industrial network protocols.

Awesome Industrial Protocols Compilation of industrial network protocols resources focusing on offensive security In this repository: You are currently viewing the Awesome Industrial Protocols page Detailed pages for protocols are available in protocols All data is stored in MongoDB databases in db Turn/IP (in srcs) is a handy tool to manipulate this data, generate the aw

References

CWE-125https://sourceforge.net/p/bacnet/bugs/62/https://sourceforge.net/p/bacnet/code/3220https://sourceforge.net/p/bacnet/code/3224https://sourceforge.net/p/bacnet/code/3225https://sourceforge.net/p/bacnet/code/3223http://packetstormsecurity.com/files/153716/BACnet-Stack-0.8.6-Denial-Of-Service.htmlhttps://1modm.github.io/CVE-2019-12480.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/47148https://github.com/biero-el-corridor/OT_ICS_ressource_list
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook