CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-7206

In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.9%

CVSS Severity

CVSS v3 Score 7.8

References

https://hornerautomation.com/cscape-software/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-04
https://hornerautomation.com/cscape-software/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-04

Products affected by CVE-2023-7206

Hornerautomation » Cscape » Version: 9.70

cpe:2.3:a:hornerautomation:cscape:9.70
Hornerautomation » Cscape » Version: 9.80

cpe:2.3:a:hornerautomation:cscape:9.80
Hornerautomation » Cscape » Version: 9.80.75.3

cpe:2.3:a:hornerautomation:cscape:9.80.75.3
Hornerautomation » Cscape » Version: 9.90

cpe:2.3:a:hornerautomation:cscape:9.90

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-7206

Products

Pricing

Contact Us