Michael Zillgith

6 exploits Active since Aug 2020
CVE-2022-3976 WRITEUP MEDIUM WRITEUP
libiec61850 < 1.5 - Path Traversal in MMS File Services
A vulnerability has been found in MZ Automation libiec61850 up to 1.4 and classified as critical. This vulnerability affects unknown code of the file src/mms/iso_mms/client/mms_client_files.c of the component MMS File Services. The manipulation of the argument filename leads to path traversal. Upgrading to version 1.5 is able to address this issue. The name of the patch is 10622ba36bb3910c151348f1569f039ecdd8786f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213556.
CVSS 5.5
CVE-2020-15158 WRITEUP HIGH WRITEUP
libIEC61850 <1.4.3 - Buffer Overflow
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in open networks or there are untrusted nodes in the network it is highly recommend to apply the patch. This was patched with commit 033ab5b. Users of version 1.4.x should upgrade to version 1.4.3 when available. As a workaround changes of commit 033ab5b can be applied to older versions.
CVSS 7.7
CVE-2023-27772 WRITEUP HIGH WRITEUP
libiec61850 v1.5.1 - Denial of Service via ControlObjectClient_setOrigin()
libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.
CVSS 7.5
CVE-2024-45969 WRITEUP HIGH WRITEUP
MZ Automation LibIEC1850 - NULL Pointer Dereference in MMS Client
NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message.
CVSS 7.5
CVE-2024-45970 WRITEUP CRITICAL WRITEUP
MZ Automation libiec61850 < 1.6.0 - Stack-based Buffer Overflow via MMS FileDirResponse Message
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message.
CVSS 9.8
CVE-2024-45971 WRITEUP CRITICAL WRITEUP
libiec61850 < 1.6.0 - Stack-based Buffer Overflow via MMS IdentifyResponse Message
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message.
CVSS 9.8