Vulnerability Details CVE-2018-19005
Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2018-19005
-
cpe:2.3:a:hornerautomation:cscape:9.70
-
cpe:2.3:a:hornerautomation:cscape:9.80
-
cpe:2.3:a:hornerautomation:cscape:9.80.75.3