LibIEC61850 through 1.4.0 Out-of-bounds Write Vulnerability

Summary

LibIEC61850 through 1.4.0 suffers from out-of-bounds write vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://github.com/mz-automation/libiec61850/issues/200


Details

MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.

 

Vulnerable Systems:

LibIEC61850 through 1.4.0 

 

CVE Information:

CVE-2020-7054

 

Disclosure Timeline:
Published Date:1/14/2020

Categories: News