Mz-Automation: >> Libiec61850 >> 1.3 Security Vulnerabilities
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-09-19
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-11-12
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.
CVSS Score
4.3
EPSS Score
0.002
Published
2018-11-09
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
CVSS Score
4.3
EPSS Score
0.003
Published
2018-11-09
An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program
CVSS Score
7.5
EPSS Score
0.003
Published
2018-11-07
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
CVSS Score
9.8
EPSS Score
0.047
Published
2018-11-05
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-11-05
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-10-30
Page 2