Heap-based Buffer Overflow in libIEC61850 v1.3's BerEncoder_encodeOctetString

CVE-2018-19185 · HIGH Severity

CVSS v2 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
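The defensive pattern for this class of bug, as an added example (not libIEC61850's code; the page does not show the affected source): a BER octet-string encoder that checks the remaining space in the destination buffer before writing tag, length and value. The function name, signature and sample data are hypothetical and constructed for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Bytes needed for a BER definite-form length field; 0 = rejected here. */
static size_t ber_length_size(size_t len)
{
    if (len < 0x80) return 1;      /* short form */
    if (len <= 0xFF) return 2;     /* 0x81 nn */
    if (len <= 0xFFFF) return 3;   /* 0x82 nn nn */
    return 0;                      /* larger strings are refused in this example */
}

/* Hypothetical helper: writes tag | length | octets at buf[pos].
 * Returns the new write position, or -1 if the element does not fit. */
int checked_encode_octet_string(uint8_t tag, const uint8_t *octets, size_t len,
                                uint8_t *buf, size_t buf_size, size_t pos)
{
    size_t len_size = ber_length_size(len);
    if (buf == NULL || (octets == NULL && len > 0)) return -1;
    if (len_size == 0 || buf_size > INT_MAX || pos > buf_size) return -1;
    /* Compare against remaining space; written so it cannot wrap around. */
    if (1 + len_size + len > buf_size - pos) return -1;

    buf[pos++] = tag;
    if (len_size == 1) {
        buf[pos++] = (uint8_t)len;
    } else if (len_size == 2) {
        buf[pos++] = 0x81;
        buf[pos++] = (uint8_t)len;
    } else {
        buf[pos++] = 0x82;
        buf[pos++] = (uint8_t)(len >> 8);
        buf[pos++] = (uint8_t)(len & 0xFF);
    }
    if (len > 0) memcpy(buf + pos, octets, len);
    return (int)(pos + len);
}

/* Constructed sample data: a 4-byte value and an 8-byte destination. */
static const uint8_t sample_octets[4] = {0xDE, 0xAD, 0xBE, 0xEF};
static uint8_t sample_buf[8];

int main(void)
{
    return checked_encode_octet_string(0x04, sample_octets, 4, sample_buf, 8, 0) == 6 ? 0 : 1;
}
```

The caller treats -1 as an encoding failure and stops building the message instead of continuing with a truncated or overrun buffer.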
