Vulnerabilities > CVE-2023-31244 - Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape and Cscape Envisionrv

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
hornerautomation
CWE-824

Summary

The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.

Vulnerable Configurations

Part Description Count
Application
Hornerautomation
2

Common Weakness Enumeration (CWE)