cvedb.io
CVE-2022-2970
CRITICAL · CVSS 10
EPSS exploitation probability: 0%
Published 2022-09-23T16:15:10.800 · Last modified 2026-06-17T04:42:54.333

Summary

MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code.

Affected products

mz-automation — libiec61850

Does this affect you?

Add your gear to cvedb and we'll alert you only when mz-automation ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.