The NCCIC has published an advisory on an improper input validation vulnerability in Horner Automation Cscape. Versions 9.80.75.3 SP3 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read confidential information, and may allow an attacker to remotely execute arbitrary code. Horner Automation recommends affected users update to the latest version of Cscape (Version 9.80 SP4). The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.
You are here
Related Resources
Jan 23, 2025 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
Jan 23, 2025 in Cybersecurity, in Security Preparedness
Vulnerability Awareness – Joint Advisory on Ivanti Exploit Chains by Suspected Chinese Threat Actors
Jan 23, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
