CVE-2026-6284

CVE-2026-6284 affects Horner Automation PLC products (Cscape software and XL4/XL7 XL-series PLCs). Vulnerability stems from weak password requirements: limited password complexity and no input-rate limits enable network-auth brute-forcing to gain unauthorized access to systems and services. Attac...

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

Horner Automation多款产品 安全漏洞

Horner Automation Cscape is a product of the American company Horner Automation. Horner Automation Cscape is a programming software used for developing industrial control systems. Horner Automation XL7 PLC is an industrial programmable logic controller with integrated touchscreen and control...

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

EUVD-2019-4996

Malware in sbrugna...

EUVD-2022-34889

Malicious code in bioql PyPI...

EUVD-2022-42757

Malicious code in bioql PyPI...

EUVD-2022-34888

Malicious code in bioql PyPI...

EUVD-2022-34887

Malicious code in bioql PyPI...

EUVD-2023-35592

Malicious code in bioql PyPI...

EUVD-2023-36783

Malicious code in bioql PyPI...

EUVD-2024-50368

Malicious code in bioql PyPI...

EUVD-2023-36461

Malicious code in bioql PyPI...

CVE-2019-13541

In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code...

CVE-2019-13545

In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution...

CVE-2025-4098

Horner Automation Cscape version 10.0 10.0.415.2 SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape...

CVE-2025-4098 Out-of-bounds Read in Horner Automation Cscape

Horner Automation Cscape version 10.0 10.0.415.2 SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape...

CVE-2025-4098 Out-of-bounds Read in Horner Automation Cscape

Horner Automation Cscape version 10.0 10.0.415.2 SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape...

CVE-2025-4098

CVE-2025-4098 affects Horner Automation Cscape 10.0 (10.0.415.2) SP1. The vulnerability is an out-of-bounds read in a component/function used by Cscape that could allow an attacker to disclose information and potentially execute arbitrary code on affected installations. The CVSS metrics indicate ...

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape version 10.0 that originates from an out-of-bounds read and could allow an attacker to disclose information...