CVE-2024-45969 is a vulnerability discovered in the MMS Client of the MZ Automation LibIEC1850 library, which is used for industrial automation communications following the IEC 61850 standard. The flaw arises from a NULL pointer dereference triggered when processing a malformed MMS InitiationResponse message sent by a malicious server. This causes the client application to crash or become unresponsive, resulting in a denial-of-service (DoS) condition. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network, making it accessible to any attacker capable of sending crafted MMS messages. The vulnerability is classified under CWE-476, indicating improper handling of NULL pointers in the code. The CVSS v3.1 base score of 7.5 reflects a high severity due to the ease of exploitation (network vector, no privileges required) and the significant impact on availability, although confidentiality and integrity remain unaffected. No patches or fixes have been publicly released at the time of publication, and no active exploitation has been reported. The vulnerability primarily threatens environments where MZ Automation LibIEC1850 is deployed, especially in industrial control systems (ICS) and critical infrastructure sectors relying on IEC 61850 communications for automation and monitoring.

The primary impact of CVE-2024-45969 is a denial-of-service condition that disrupts the availability of the MMS Client in affected systems. In industrial automation and critical infrastructure environments, such disruption can lead to loss of monitoring and control capabilities, potentially causing operational downtime, safety risks, and financial losses. Since the vulnerability can be exploited remotely without authentication, attackers can easily target exposed systems to cause service interruptions. Although confidentiality and integrity are not directly compromised, the loss of availability in control systems can indirectly affect operational integrity and safety. Organizations relying on MZ Automation LibIEC1850 for IEC 61850 communications in sectors such as energy, manufacturing, and utilities are particularly vulnerable. The absence of known exploits in the wild provides a window for proactive mitigation, but the lack of available patches increases the risk if attackers develop exploits.

Organizations should immediately assess their exposure to MZ Automation LibIEC1850, especially systems handling MMS communications over IEC 61850 protocols. Network segmentation and strict access controls should be enforced to limit exposure of MMS clients to untrusted networks. Deploying intrusion detection/prevention systems (IDS/IPS) capable of recognizing and blocking malformed MMS InitiationResponse messages can help mitigate exploitation attempts. Monitoring network traffic for unusual MMS message patterns is advisable. Vendors and users should prioritize obtaining and applying patches or updates once available from MZ Automation or maintainers of LibIEC1850. In the interim, disabling or restricting MMS client functionality where feasible, or implementing application-layer firewalls to filter MMS traffic, can reduce risk. Incident response plans should include procedures for detecting and responding to DoS conditions affecting industrial communication clients. Regular security audits and vulnerability scanning focused on industrial protocols are recommended to identify and remediate similar issues proactively.