VYPR
Vendor

Horner Automation

Products
4
CVEs
27
Across products
40
Status
Private

Products

4

Recent CVEs

27
View all 27 CVEs →
  • CVE-2022-2641CriDec 2, 2022
    risk 0.64cvss 9.8epss 0.01

    Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.

  • CVE-2025-4098HigMay 8, 2025
    risk 0.55cvss epss 0.00

    Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape.

  • CVE-2026-12897higJun 25, 2026
    risk 0.51cvss 7.8epss 0.00

    Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code.

  • CVE-2024-9508HigDec 13, 2024
    risk 0.51cvss 7.8epss 0.00

    Horner Automation Cscape contains a memory corruption vulnerability, which could allow an attacker to disclose information and execute arbitrary code.

  • CVE-2024-12212HigDec 13, 2024
    risk 0.51cvss 7.8epss 0.00

    The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code.

  • CVE-2023-7206HigJan 15, 2024
    risk 0.51cvss 7.8epss 0.00

    In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape.

  • CVE-2023-32203HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the…

  • CVE-2023-31278HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.

  • CVE-2023-31244HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.

  • CVE-2023-29503HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. …

  • CVE-2023-28653HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the…

  • CVE-2023-27916HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current…

  • CVE-2023-32539HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the…

  • CVE-2023-32289HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current…

  • CVE-2023-32281HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the…

  • CVE-2023-32545HigJun 6, 2023
    risk 0.51cvss 7.8epss 0.00

    The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context…

  • CVE-2023-0623HigMar 9, 2023
    risk 0.51cvss 7.8epss 0.00

    Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could…

  • CVE-2023-0622HigMar 9, 2023
    risk 0.51cvss 7.8epss 0.00

    Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could…

  • CVE-2023-0621HigMar 9, 2023
    risk 0.51cvss 7.8epss 0.00

    Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could…

  • CVE-2022-3377HigNov 15, 2022
    risk 0.51cvss 7.8epss 0.00

    Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an…