Mz-Automation: >> Lib60870 >> 2.2.0 Security Vulnerabilities
A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-14
A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-08-25