Vulnerabilities > MZ Automation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2023-27772 | Improper Check for Unusual or Exceptional Conditions vulnerability in Mz-Automation Libiec61850 1.5.1 libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c. | 7.5 |
| 2023-02-24 | CVE-2023-23205 | Memory Leak vulnerability in Mz-Automation Lib60870 2.3.2 An issue was discovered in lib60870 v2.3.2. | 5.5 |
| 2022-11-13 | CVE-2022-3976 | Path Traversal vulnerability in Mz-Automation Libiec61850 A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. | 8.8 |
| 2022-04-15 | CVE-2022-21159 | Infinite Loop vulnerability in Mz-Automation Libiec61850 1.5.0 A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. | 5.0 |
| 2022-04-12 | CVE-2022-1302 | Unspecified vulnerability in Mz-Automation Libiec61850 In the MZ Automation LibIEC61850 in versions prior to 1.5.1 an unauthenticated attacker can craft a goose message, which may result in a denial of service. | 5.0 |
| 2022-01-14 | CVE-2021-45769 | NULL Pointer Dereference vulnerability in Mz-Automation Libiec61850 1.5.0 A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. | 5.0 |
| 2022-01-14 | CVE-2021-45773 | NULL Pointer Dereference vulnerability in Mz-Automation Lib60870 A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec60870/cs104/cs104_slave.c of lib60870 commit 0d5e76e can lead to a segmentation fault or application crash. | 5.0 |
| 2021-08-25 | CVE-2021-21778 | Reachable Assertion vulnerability in Mz-Automation Lib60870 2.2.0 A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. | 5.0 |
| 2020-08-26 | CVE-2020-15158 | Integer Underflow (Wrap or Wraparound) vulnerability in Mz-Automation Libiec61850 In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. | 7.5 |
| 2020-01-14 | CVE-2020-7054 | Out-of-bounds Write vulnerability in Mz-Automation Libiec61850 MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. | 6.8 |