CVE-2019-12480

HIGH

BACnet Protocol Stack <= 0.8.6 - Unauthenticated Denial of Service via Malformed DCC in AtomicWriteFile

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-12480. PoCs published by mmorillo.

AI-analyzed exploit summary This exploit sends malformed BACnet protocol packets to trigger a segmentation fault in BACnet Stack 0.8.6, leading to a denial of service (DoS). It uses UDP sockets to send three distinct payloads targeting DeviceCommunicationControl, AtomicReadFile, and AtomicWriteFile services.

Description

BACnet Protocol Stack through 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a malformed DCC in AtomicWriteFile, AtomicReadFile and DeviceCommunicationControl services. An unauthenticated remote attacker could cause a denial of service (bacserv daemon crash) because there is an invalid read in bacdcode.c during parsing of alarm tag numbers.

Exploits (1)

exploitdb WORKING POC

by mmorillo · pythondoslinux

https://www.exploit-db.com/exploits/47148

View Code ZIP pw:eip

This exploit sends malformed BACnet protocol packets to trigger a segmentation fault in BACnet Stack 0.8.6, leading to a denial of service (DoS). It uses UDP sockets to send three distinct payloads targeting DeviceCommunicationControl, AtomicReadFile, and AtomicWriteFile services.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: BACnet Stack 0.8.6

No auth needed

Prerequisites: Network access to the target BACnet server · UDP port accessibility

MITRE ATT&CK