Bacnet Protocol Stack 0.8.6 Denial Of Service Vulnerability

Summary

BACnet Protocol Stack through 0.8.6 could allow an unauthenticated, remote attacker to cause a denial of service (bacserv daemon crash) because there is an invalid read in bacdcode.c during parsing of alarm tag numbers.

Credit:

The information has been provided by Steve Karg
The original article can be found at: https://sourceforge.net/p/bacnet/bugs/62/


Details

Bacnet Protocol Stack is prone to a denial of service (DoS) vulnerability.This allow a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.

Vulnerable Systems:

  • Bacnet Protocol Stack 0.8.6

CVE Information:

CVE-2019-12480

Disclosure Timeline:
Publish Date:05/30/2019

Categories: News