CVE-2024-45969

Name of the Vulnerable Software and Affected Versions MZ Automation LibIEC1850 versions before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33

Description A NULL pointer dereference in the MMS Client of MZ Automation LibIEC1850 allows a malicious server to cause a Denial-of-Service via the MMS InitiationResponse message. This issue can be exploited by a malicious server, leading to a denial-of-service condition.

Recommendations For versions before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the MMS Client to minimize the risk of exploitation.