Impact
A heap buffer overflow exists within the HighPriorityASDUQueue_hasUnconfirmedIMessages function of the lib60870 library (versions v2.3.3 to v2.3.6). The flaw permits an attacker to deliver a specially crafted IEC60870-5-104 payload that corrupts internal memory and can crash the process, leading to a denial of service. The impact is loss of availability for any application relying on the affected library; confidentiality and integrity are not directly compromised. The weakness is a classic heap buffer overflow, corresponding to CWE-122.
Affected Systems
The vulnerable component is the lib60870 library, a widely used implementation of the IEC60870-5-104 protocol. All installations that rely on lib60870 v2.3.3 through v2.3.6 are affected and must be updated to a later release.
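To find affected installations, the version range above can be checked against a software inventory. The following is an added example, not code from the advisory or from the lib60870 project; it assumes a CycloneDX-style component list, and the sample inventory and component names are constructed.

```python
import json
import re

# Affected range as stated in the advisory (inclusive on both ends).
AFFECTED_MIN = (2, 3, 3)
AFFECTED_MAX = (2, 3, 6)

def parse_version(text):
    """Return (major, minor, patch) for strings like 'v2.3.4' or '2.3'; None if unparseable."""
    m = re.match(r"^[vV]?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))

def is_affected(version_text):
    """True when the version falls inside v2.3.3 .. v2.3.6."""
    v = parse_version(version_text)
    return v is not None and AFFECTED_MIN <= v <= AFFECTED_MAX

def scan_sbom(sbom):
    """Return (name, version, status) for each lib60870 component in the inventory."""
    findings = []
    for comp in sbom.get("components", []):
        name = comp.get("name", "")
        if "lib60870" not in name.lower():
            continue
        version = comp.get("version", "")
        if parse_version(version) is None:
            status = "unknown"  # unparseable version string: review by hand
        elif is_affected(version):
            status = "affected"
        else:
            status = "outside stated range"
        findings.append((name, version, status))
    return findings

# Constructed sample inventory (hypothetical components, not real deployment data).
SAMPLE_SBOM = json.loads("""
{"components": [
  {"name": "lib60870-C", "version": "v2.3.4"},
  {"name": "lib60870",   "version": "2.3.7"},
  {"name": "lib60870",   "version": "custom-build"},
  {"name": "openssl",    "version": "3.0.0"}
]}
""")

if __name__ == "__main__":
    for name, version, status in scan_sbom(SAMPLE_SBOM):
        print(f"{name} {version}: {status}")
```

Statically linked copies will not appear in a package inventory, so an "unknown" or empty result still calls for checking how the application was built.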
Risk and Exploitability
The vulnerability is publicly documented and a newer release is available, but no CVSS or EPSS score is reported and the vulnerability is not listed in CISA KEV. The likely attack vector is a concurrent or network interface that accepts IEC60870-5-104 traffic; exploitation does not appear to require any additional privileges or anonymity. Because no exploit evidence is publicly available, the immediate threat level is uncertain, but the potential for disruption in industrial control environments warrants prompt attention.
OpenCVE Enrichment