Hornerautomation

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-7206 1Hornerautomation 1Cscape Nov 21, 2024 Jan 15, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected instal...Show more In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape. Show less
CVE-2023-32203 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vuln...Show more Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.Show less
CVE-2023-31278 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execut...Show more Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.Show less
CVE-2023-31244 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing...Show more The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer. Show less
CVE-2023-29503 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to exe...Show more The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Show less
CVE-2023-28653 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerabi...Show more The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Show less
CVE-2023-27916 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potent...Show more The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. Show less
CVE-2023-32539 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vuln...Show more Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.Show less
CVE-2023-32289 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability...Show more The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Show less
CVE-2023-32281 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnera...Show more The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Show less
CVE-2023-32545 1Hornerautomation 2Cscape Cscape Envisionrv Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage...Show more The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Show less
CVE-2023-0623 1Hornerautomation 1Cscape Envision Rv Jan 17, 2025 Mar 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past th...Show more Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.Show less
CVE-2023-0622 1Hornerautomation 1Cscape Envision Rv Jan 17, 2025 Mar 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past th...Show more Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.Show less
CVE-2023-0621 1Hornerautomation 1Cscape Envision Rv Jan 17, 2025 Mar 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the...Show more Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.Show less
CVE-2022-2642 1Hornerautomation 1Rcc972 Firmware Nov 21, 2024 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.
CVE-2022-2641 1Hornerautomation 1Rcc972 Firmware Nov 21, 2024 Dec 2, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a d...Show more Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.Show less
CVE-2022-2640 1Hornerautomation 1Rcc972 Firmware Nov 21, 2024 Dec 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services suc...Show more The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).Show less
CVE-2022-3377 1Hornerautomation 1Cscape Nov 21, 2024 Nov 15, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current proces...Show more Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory read. Show less
CVE-2022-3379 1Hornerautomation 1Cscape Nov 21, 2024 Oct 27, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current proces...Show more Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer. Show less
CVE-2022-3378 1Hornerautomation 1Cscape Nov 21, 2024 Oct 27, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current proce...Show more Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory write. Show less

12 Next