Vulnerabilities > Hornerautomation

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2023-32545 Out-of-bounds Read vulnerability in Hornerautomation Cscape and Cscape Envisionrv
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP).
local
low complexity
hornerautomation CWE-125
7.8
2023-03-09 CVE-2023-0621 Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e.
local
low complexity
hornerautomation
7.8
2023-03-09 CVE-2023-0622 Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e.
local
low complexity
hornerautomation
7.8
2023-03-09 CVE-2023-0623 Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e.
local
low complexity
hornerautomation
7.8
2022-12-02 CVE-2022-2640 Inadequate Encryption Strength vulnerability in Hornerautomation Rcc972 Firmware 15.40
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering.
network
low complexity
hornerautomation CWE-326
7.5
2022-12-02 CVE-2022-2641 Use of Hard-coded Cryptographic Key vulnerability in Hornerautomation Rcc972 Firmware 15.40
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device.
network
low complexity
hornerautomation CWE-321
critical
9.8
2022-12-02 CVE-2022-2642 Excessive Reliance on Global Variables vulnerability in Hornerautomation Rcc972 Firmware 15.40
Horner Automation’s RCC 972 firmware version 15.40 contains global variables.
network
low complexity
hornerautomation CWE-1108
7.5
2022-11-15 CVE-2022-3377 Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape
Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data.
local
low complexity
hornerautomation CWE-824
7.8
2022-10-27 CVE-2022-3378 Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape
Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data.
local
low complexity
hornerautomation CWE-824
7.8
2022-10-27 CVE-2022-3379 Out-of-bounds Write vulnerability in Hornerautomation Cscape
Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data.
local
low complexity
hornerautomation CWE-787
7.8