EUVD-2021-31299

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Horner Automation Cscape can be exploited through malicious HMI project files.

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Horner Automation Cscape EnvisionRV software lies in insufficient validation of input data, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.	31 Aug 202200:00	–	bdu_fstec
Circl	CVE-2021-44462	25 Mar 202221:36	–	circl
CNNVD	Horner Automation Cscape 输入验证错误漏洞	21 Dec 202100:00	–	cnnvd
CNVD	Horner Automation Cscape EnvisionRV Input Validation Error Vulnerability	23 Dec 202100:00	–	cnvd
CVE	CVE-2021-44462	25 Mar 202218:02	–	cve
Cvelist	CVE-2021-44462 Horner Automation Cscape EnvisionRV Improper Input Validation	25 Mar 202218:02	–	cvelist
ICS	Horner Automation Cscape EnvisionRV	21 Dec 202100:00	–	ics
NVD	CVE-2021-44462	25 Mar 202219:15	–	nvd
OSV	CVE-2021-44462	25 Mar 202219:15	–	osv
Prion	Design/Logic Flaw	25 Mar 202219:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "a463f11e-5d29-318c-9fb9-c0b398ad1b2f",
        "vendor": {
          "name": "Horner Automation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "8a8775e8-485d-39c9-84d1-0204d28aa250",
        "product": {
          "name": "Cscape EnvisionRV"
        },
        "product_version": "unspecified ≤v4.50.3.1"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-21-355-02

03 Oct 2025 20:07Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.1 - 7.8

CVSS 25.8

EPSS0.00145

SSVC