CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32289
https://notcve.org/view.php?id=CVE-2023-32289
06 Jun 2023 — The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32539 – Horner Automation Cscape Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2023-32539
06 Jun 2023 — The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32545
https://notcve.org/view.php?id=CVE-2023-32545
06 Jun 2023 — The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-3377
https://notcve.org/view.php?id=CVE-2022-3377
27 Oct 2022 — Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory read. Cscape versión 9.90 SP 6 y anteriores de Horner Automation no valida correctamente los datos proporcionados por el usuario. Si un usuario abre un archivo FNT formado con fines malintencionados, un atacante podr... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-03 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-3378
https://notcve.org/view.php?id=CVE-2022-3378
27 Oct 2022 — Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory write. Horner Automation´s Cscape versión 9.90 SP 7 y anteriores no valida correctamente los datos proporcionados por el usuario. Si un usuario abre un archivo FNT formado con fines malintencionados, un atacante podr... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-03 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-3379
https://notcve.org/view.php?id=CVE-2022-3379
27 Oct 2022 — Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer. Horner Automation´s Cscape versión 9.90 SP 7 y anteriores no validan correctamente los datos proporcionados por el usuario. Si un usuario abre un archivo FNT formado con fines malintencionados, un atacante podría ejecutar código arbitrario dentro del pr... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-03 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-30540 – Horner Automation Cscape Csfont
https://notcve.org/view.php?id=CVE-2022-30540
01 Jun 2022 — The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code El producto afectado es vulnerable a un desbordamiento de búfer en la región heap de la memoria por medio de un puntero no inicializado, lo que puede permitir a un atacante ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02 • CWE-122: Heap-based Buffer Overflow CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-29488 – Horner Automation Cscape Csfont
https://notcve.org/view.php?id=CVE-2022-29488
01 Jun 2022 — The affected product is vulnerable to an out-of-bounds read via uninitialized pointer, which may allow an attacker to execute arbitrary code. El producto afectado es vulnerable a una lectura fuera de límites por medio de un puntero no inicializado, lo que puede permitir a un atacante ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02 • CWE-125: Out-of-bounds Read CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-28690 – Horner Automation Cscape Csfont
https://notcve.org/view.php?id=CVE-2022-28690
01 Jun 2022 — The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code. El producto afectado es vulnerable a una escritura fuera de límites por medio de un puntero no inicializado, lo que puede permitir a un atacante ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02 • CWE-787: Out-of-bounds Write CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-27184 – Horner Automation Cscape Csfont
https://notcve.org/view.php?id=CVE-2022-27184
01 Jun 2022 — The affected product is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. El producto afectado es vulnerable a una escritura fuera de límites, que puede permitir a un atacante ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-02 • CWE-787: Out-of-bounds Write •