An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
References
Link | Resource |
---|---|
https://github.com/fouzhe/security/tree/master/libiec61850#another-heap-buffer-overflow-in-function-berencoder_encodeoctetstring | Exploit Third Party Advisory |
https://github.com/mz-automation/libiec61850/issues/87 | Exploit Third Party Advisory |
https://github.com/fouzhe/security/tree/master/libiec61850#another-heap-buffer-overflow-in-function-berencoder_encodeoctetstring | Exploit Third Party Advisory |
https://github.com/mz-automation/libiec61850/issues/87 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 03:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/fouzhe/security/tree/master/libiec61850#another-heap-buffer-overflow-in-function-berencoder_encodeoctetstring - Exploit, Third Party Advisory | |
References | () https://github.com/mz-automation/libiec61850/issues/87 - Exploit, Third Party Advisory |
Information
Published : 2018-11-12 05:29
Updated : 2024-11-21 03:57
NVD link : CVE-2018-19185
Mitre link : CVE-2018-19185
CVE.ORG link : CVE-2018-19185
JSON object : View
Products Affected
mz-automation
- libiec61850
CWE
CWE-787
Out-of-bounds Write