libIEC61850 1.5.0 src/mms/iso_acse/acse.c AcseConnection_parseMessage null pointer dereference

A vulnerability has been found in libIEC61850 1.5.0 and classified as problematic. This vulnerability affects the function AcseConnection_parseMessage of the file src/mms/iso_acse/acse.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field01/15/2022 08:03 AM01/19/2022 01:35 PM
namelibIEC61850libIEC61850
version1.5.01.5.0
filesrc/mms/iso_acse/acse.csrc/mms/iso_acse/acse.c
functionAcseConnection_parseMessageAcseConnection_parseMessage
cwe476 (denial of service)476 (denial of service)
risk11
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iNN
cvss3_vuldb_aLL
cvss3_vuldb_rcCC
identifier368368
urlhttps://github.com/mz-automation/libiec61850/issues/368https://github.com/mz-automation/libiec61850/issues/368
cveCVE-2021-45769CVE-2021-45769
cve_assigned16405596001640559600
date1642201200 (01/15/2022)1642201200 (01/15/2022)
cvss2_vuldb_ciNN
cvss2_vuldb_iiNN
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_avAA
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss3_vuldb_avAA
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss2_vuldb_basescore2.32.3
cvss2_vuldb_tempscore2.32.3
cvss3_vuldb_basescore3.53.5
cvss3_vuldb_tempscore3.53.5
cvss3_meta_basescore3.53.5
cvss3_meta_tempscore3.53.5
price_0day$0-$5k$0-$5k
cve_nvd_summaryA NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash.

Interested in the pricing of exploits?

See the underground prices here!