The vulnerability of the Horner Automation Cscape EnvisionRV software lies in insufficient validation of input data, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.

🗓️ 31 Aug 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Horner EnvisionRV input validation flaws enable remote attackers to compromise confidentiality, integrity, and availability via a crafted file.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2021-44462	25 Mar 202221:36	–	circl
CNNVD	Horner Automation Cscape 输入验证错误漏洞	21 Dec 202100:00	–	cnnvd
CNVD	Horner Automation Cscape EnvisionRV Input Validation Error Vulnerability	23 Dec 202100:00	–	cnvd
CVE	CVE-2021-44462	25 Mar 202218:02	–	cve
Cvelist	CVE-2021-44462 Horner Automation Cscape EnvisionRV Improper Input Validation	25 Mar 202218:02	–	cvelist
EUVD	EUVD-2021-31299	3 Oct 202520:07	–	euvd
ICS	Horner Automation Cscape EnvisionRV	21 Dec 202100:00	–	ics
NVD	CVE-2021-44462	25 Mar 202219:15	–	nvd
OSV	CVE-2021-44462	25 Mar 202219:15	–	osv
Prion	Design/Logic Flaw	25 Mar 202219:15	–	prion

Vulners

Node

horner_automation_group cscape_envisionrvRange≤4.50.3.1

Source	Link
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022010403
web	www.web.nvd.nist.gov/view/vuln/detail
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-21-355-02

31 Aug 2022 00:00Current

7High risk

Vulners AI Score7

CVSS 38.8

CVSS 29.3

EPSS0.00145

input validation remote attackers confidentiality integrity availability crafted file