PT-2024-31863 · Unknown · Libiec61850

Mzillgit · Published 2024-11-15 · Updated 2025-10-01 · CVE-2024-45970

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

LibIEC61850 versions before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc

Description

The issue is related to multiple buffer overflows in the MMS Client of LibIEC61850. A malicious server can cause a stack-based buffer overflow via the MMS FileDirResponse message.

Recommendations

For versions before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc, update to a version that includes the fix for the buffer overflow vulnerabilities. As a temporary workaround, consider restricting access to the MMS Client to minimize the risk of exploitation.

Fix

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2024-45970

Affected Products

Libiec61850