Lucene search

IcscertCVELIST:CVE-2022-3379

HistoryOct 27, 2022 - 10:11 p.m.

CVE-2022-3379

2022-10-2722:11:48

CWE-787

icscert

www.cve.org

horner automation cscape

data validation

malicious file

arbitrary code execution

memory buffer

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.2%

JSON

Horner Automation’s Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Cscape",
    "vendor": "Horner Automation",
    "versions": [
      {
        "lessThanOrEqual": "9.90",
        "status": "affected",
        "version": "0",
        "versionType": "SP 7"
      }
    ]
  }
]

References

www.cisa.gov/uscert/ics/advisories/icsa-22-277-03

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.2%

JSON

Related for CVELIST:CVE-2022-3379