CVE-2022-2970

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-251-01 Third Party Advisory US Government Resource
Configurations

Configuration 1

cpe:2.3:a:mz-automation:libiec61850:*:*:*:*:*:*:*:*

Information

Published : 2022-09-23 04:15

Updated : 2022-09-26 10:43


NVD link : CVE-2022-2970

Mitre link : CVE-2022-2970

Products Affected
No products.
CWE