FreyrSCADA IEC-60870-5-104 Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in FreyrSCADA's IEC-60870-5-104 server version 21.06.008. Remote attackers can exploit this vulnerability by sending specific sequences of messages, causing the server to crash. The issue arises from a 'memcpy()' call in the 'libx86_x64-iec104.a' library whose source and destination addresses overlap, which leads to a segmentation fault and crashes the program.

Impact

Exploitation of this vulnerability causes the program to crash, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced with the 'aflnet' tool suite, using 'aflnet-replay' to send the message sequences that trigger the denial-of-service condition. After these sequences are replayed, a 'memcpy-param-overlap' error should be observed, indicating overlapping parameters in the 'memcpy' call, followed by a segmentation fault and program crash.
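The overlap condition described above, shown as an added example that is not FreyrSCADA's code (the library's source does not appear on this page): a hypothetical receive buffer whose consumed bytes are dropped by an in-place shift, the kind of copy where source and destination overlap and 'memcpy' is undefined while 'memmove' is not. The names 'rx_buf', 'rx_consume' and 'regions_overlap' and the sample frames are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 if [dst, dst+n) and [src, src+n) share at least one byte.
 * This is the condition a sanitizer reports as memcpy-param-overlap. */
int regions_overlap(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    if (n == 0)
        return 0;
    return (d < s) ? (s - d < n) : (d - s < n);
}

/* Hypothetical receive buffer holding back-to-back protocol frames. */
typedef struct { uint8_t data[64]; size_t len; } rx_buf;

/* Drop `consumed` bytes from the front and slide the rest down.
 * Source and destination live in the same array, so they overlap
 * whenever more bytes remain than were consumed. */
int rx_consume(rx_buf *b, size_t consumed)
{
    if (b == NULL || b->len > sizeof b->data || consumed > b->len)
        return -1;                      /* reject inconsistent lengths */
    size_t remaining = b->len - consumed;
    /* memcpy(b->data, b->data + consumed, remaining) would be undefined
     * behaviour when the regions overlap; memmove is defined for it. */
    memmove(b->data, b->data + consumed, remaining);
    b->len = remaining;
    return 0;
}

int main(void)
{
    /* Constructed sample: three 6-byte U-format frames (start byte 0x68). */
    static const uint8_t frames[18] = {
        0x68, 0x04, 0x07, 0x00, 0x00, 0x00,
        0x68, 0x04, 0x43, 0x00, 0x00, 0x00,
        0x68, 0x04, 0x83, 0x00, 0x00, 0x00 };
    rx_buf b = { .len = sizeof frames };
    memcpy(b.data, frames, sizeof frames);   /* distinct objects: no overlap */
    printf("overlap for shift: %d\n",
           regions_overlap(b.data, b.data + 6, b.len - 6));
    printf("consume rc=%d, len=%zu, next control byte=0x%02x\n",
           rx_consume(&b, 6), b.len, b.data[2]);
    return 0;
}
```

Building code like this with AddressSanitizer enabled is how a 'memcpy-param-overlap' report is surfaced when the 'memmove' is replaced by 'memcpy'.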

Added: Dec 23, 2025, 3:32 PM
Updated: Dec 23, 2025, 3:32 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.6
remediation: 0.0
relevance: 1.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.