Vulnerability - CVE-2024-26529

Name

CVE-2024-26529

Source

NVD ( link)Debian ( link)

Description

An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c.

CWEs

Published Date

Mar 13, 2024

Updated Date

Jun 17, 2026

Workaround

Advisories

https://github.com/mz-automation/libiec61850/issues/492Exploit

https://github.com/mz-automation/libiec61850/issues/495Exploit

https://github.com/mz-automation/libiec61850/issues/492Exploit

https://github.com/mz-automation/libiec61850/issues/495Exploit

Analysis#

Affected Component

Analysis

libiec61850

Exploitable

Vulnerability Ratings#

7.5

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

libiec61850

buildroot

2025.02.x

1.6.0

Not Affected

libiec61850

buildroot

master

1.6.1

Not Affected

libiec61850

yocto

master

1.6.1

Not Affected

libiec61850

yocto

scarthgap

1.5.3

Exploitable