Mz-Automation: >> Lib60870 Security Vulnerabilities
An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multi_client_server/multi_client_server.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-24
A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-14
A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-08-25
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-01-11