CVE Catalog

CVE-2026-51219

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

A heap buffer overflow vulnerability has been discovered in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 versions 2.3.3 through 2.3.6. An attacker can exploit this to cause a Denial of Service (DoS) by sending a crafted payload.

Risk Assessment

The risk involves potential remote disruption of systems using lib60870, which may lead to service outages in critical environments, especially in industrial automation settings.

Recommendation

Immediately update lib60870 to a version later than 2.3.6 that includes the fix. Additionally, restrict network access to systems using this library to trusted networks only.

Original NVD description (English source)

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS