CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

Horner Automation多款产品 安全漏洞

Horner Automation Cscape is a product of the American company Horner Automation. Horner Automation Cscape is a programming software used for developing industrial control systems. Horner Automation XL7 PLC is an industrial programmable logic controller with integrated touchscreen and control...

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

CVE-2021-33015

Cscape All Versions prior to 9.90 SP5 lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write via an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process...

CVE-2021-22682

Cscape All versions prior to 9.90 SP4 is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify the binaries and configuration files and lead to local privilege escalation...

CVE-2021-22678

Cscape All versions prior to 9.90 SP4 lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process...

EUVD-2021-19696

Malware in sbrugna...

EUVD-2019-5000

Malware in sbrugna...

EUVD-2018-10723

Malware in sbrugna...

EUVD-2021-19736

Malware in sbrugna...

EUVD-2019-4996

Malware in sbrugna...

EUVD-2021-19716

Malware in sbrugna...

EUVD-2019-16114

Malware in sbrugna...

EUVD-2025-14024

Malicious code in bioql PyPI...

EUVD-2021-9814

Malicious code in bioql PyPI...

EUVD-2023-36783

Malicious code in bioql PyPI...

EUVD-2021-9799

Malicious code in bioql PyPI...

EUVD-2023-59387

Malicious code in bioql PyPI...

EUVD-2024-50368

Malicious code in bioql PyPI...