Cscape
This hub aggregates every CVE we track for Cscape, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
30
CVEs tracked
1
Critical
29
High
0
In CISA KEV
Severity distribution
HIGH29CRITICAL1
Monthly trend
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Cscape.
- CVE-2026-6284Horner Automation Cscape and XL4, XL7 PLC Weak password requirements9.1
- CVE-2024-12212Horner Automation Cscape Out-of-bounds Read7.8
- CVE-2024-9508Horner Automation Cscape Out-of-bounds Read7.8
- CVE-2023-7206Horner Automation Cscape Stack-Based Buffer Overflow7.8
- CVE-2023-28653 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could ...7.8
- CVE-2023-29503 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage th...7.8
- CVE-2023-31244 The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the curren...7.8
- CVE-2023-31278Horner Automation Cscape Out-of-bounds Read7.8
- CVE-2023-32203Horner Automation Cscape Out-of-bounds Write7.8
- CVE-2023-32281 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker coul...7.8
- CVE-2023-32289 The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leve...7.8
- CVE-2023-32539Horner Automation Cscape Out-of-bounds Write7.8
- CVE-2023-32545 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An a...7.8
- CVE-2022-3377Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code wi...7.8
- CVE-2022-3378 Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code w...7.8
Product normalization is registry-driven with AI assist and human review. How it works