PT-2019-14678 · Unknown+1 · Libiec61850+1

C0D3Xpl0It

Publicado

2019-09-19

Atualizado

2024-08-19

CVE-2019-16510

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libIEC61850 versions prior to 1.3.4

Description The issue is related to a use-after-free in the MmsServer waitReady function located in the mms/iso mms/server/mms server.c file. This can be demonstrated using the server example goose.

Recommendations For libIEC61850 versions prior to 1.3.4, update to version 1.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the MmsServer waitReady function in mms/iso mms/server/mms server.c until a patch is available.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2020-3467

ALT-PU-2020-3487

ALT-PU-2024-11160

CVE-2019-16510

Produtos afetados

Alt Linux

Libiec61850

PT-2019-14678 · Unknown+1 · Libiec61850+1

CVE-2019-16510

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3