Vulnerabilities > CVE-2019-6719 - Use After Free vulnerability in Mz-Automation Libiec61850 1.3.1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
mz-automation
CWE-416

Summary

An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.

Vulnerable Configurations

Part Description Count
Application
Mz-Automation
1

Common Weakness Enumeration (CWE)