Vulnerabilities > MZ Automation

DATE CVE VULNERABILITY TITLE RISK
2021-08-25 CVE-2021-21778 Reachable Assertion vulnerability in Mz-Automation Lib60870 2.2.0
A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0.
network
low complexity
mz-automation CWE-617
5.0
2020-08-26 CVE-2020-15158 Integer Underflow (Wrap or Wraparound) vulnerability in Mz-Automation Libiec61850
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow.
network
low complexity
mz-automation CWE-191
7.5
2020-01-14 CVE-2020-7054 Out-of-bounds Write vulnerability in Mz-Automation Libiec61850
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.
6.8
2019-12-24 CVE-2019-19957 Out-of-bounds Read vulnerability in Mz-Automation Libiec61850 1.4.0
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.
4.3
2019-12-24 CVE-2019-19958 Allocation of Resources Without Limits or Throttling vulnerability in Mz-Automation Libiec61850 1.4.0
In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service.
4.3
2019-12-23 CVE-2019-19944 Out-of-bounds Read vulnerability in Mz-Automation Libiec61850 1.4.0
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
4.3
2019-12-23 CVE-2019-19930 Integer Overflow or Wraparound vulnerability in Mz-Automation Libiec61850 1.4.0
In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.
4.3
2019-12-23 CVE-2019-19931 Out-of-bounds Write vulnerability in Mz-Automation Libiec61850 1.4.0
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
6.8
2019-09-19 CVE-2019-16510 Use After Free vulnerability in Mz-Automation Libiec61850
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
network
low complexity
mz-automation CWE-416
5.0
2019-07-15 CVE-2019-1010300 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mz-Automation Libiec61850 1.3.0/1.3.1/1.3.2
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow.
network
low complexity
mz-automation CWE-119
5.0