CVE-2020-6996

CRITICAL

Triangle MicroWorks DNP3 Source Code Library 3.16.00-3.25.01 - Unauthenticated Stack-based Buffer Overflow

Title source: llm
STIX 2.1

Description

Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. A specially crafted message may cause a stack-based buffer overflow. Authentication is not required to exploit this vulnerability.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-20-105-02

Scores

CVSS v3 9.8
EPSS 0.0135
EPSS Percentile 68.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
trianglemicroworks/dnp3_source_code_library 3.16.00 - 3.25.01
Published Apr 15, 2020
Tracked Since Feb 18, 2026