Vulnerabilities > CVE-2023-28653 - Use After Free vulnerability in Hornerautomation Cscape and Cscape Envisionrv
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |