CVE-2026-12897 Out-of-bounds read in Horner Automation Cscape

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on May 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-128-01 Horner Automation Cscape ICSA-25-128-02 Hitachi Energy RTU500 series ICSA-25-128-03...

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation, USA. A buffer error vulnerability exists in Horner Automation Cscape v9.90 SP8 and Cscape EnvisionRV v4.70, which stems from a lack of proper validation of user-supplied...

The vulnerability of the Horner Automation Cscape EnvisionRV remote control access software and the Cscape software lies in the fact that the output operations go beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Horner Automation Cscape EnvisionRV remote control access software and the Cscape software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by causing the user to open a specially...

PT-2023-2869 · Horner Automation · Horner Automation Cscape Envisionrv +1

Name of the Vulnerable Software and Affected Versions: Horner Automation Cscape EnvisionRV affected versions not specified Cscape affected versions not specified Description: The issue is caused by an out-of-bounds read in memory due to improper validation of user-supplied data when parsing proje...