Vulnerability Details CVE-2021-32975
Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-32975
-
cpe:2.3:a:hornerautomation:cscape:9.70
-
cpe:2.3:a:hornerautomation:cscape:9.80
-
cpe:2.3:a:hornerautomation:cscape:9.80.75.3
-
cpe:2.3:a:hornerautomation:cscape:9.90