CNNVD-202511-2836 Information

CNNVD ID

CNNVD-202511-2836

Related CVE

CVE-2020-36872

• CNNVD Published: 2025-11-26

Description (Chinese)

BACnet Test Server是美国BACnet公司的一个BACnet协议设备的测试工具。 BACnet Test Server 1.01及之前版本存在资源管理错误漏洞，该漏洞源于BACnet/IP BVLC数据包处理中未正确验证BVLC Length字段，可能导致拒绝服务攻击。

Description (English)

BACnet Test Server is a testing tool for BACnet protocol equipment of the United States company BACnet. BACnet Test Server 1.01 and previous versions had a resource management error loophole, which stemmed from the incorrect validation of the BVLC Length field in the BACnet/IP BVLC package processing, which could lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

BACnet

Published

2025-11-26

Last Modified

2026-02-24

References

https://cxsecurity.com/issue/WLB-2020100045 https://www.exploit-db.com/exploits/48860 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5597.php https://packetstormsecurity.com/files/159504 https://www.vulncheck.com/advisories/bacnet-test-server-malformed-bvlc-length-dos https://www.bac-test.com/ https://access.redhat.com/security/cve/cve-2020-36872