← Back to home
ICSA-18-354-01  ·  Published 2018-12-20  ·  View on CISA ICS-CERT ↗

Horner Automation Cscape

CVSS 6.6 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could crash the device being accessed, allow the attacker to read confidential information, and may allow an attacker to remotely execute arbitrary code.

CVEs (1)

Remediations

  • Horner Automation states that only the Cscape programming software is affected. The operation of any OCS device programmed with an affected version of Cscape is not compromised.
  • Horner Automation recommends affected users update to the latest version of Cscape (Version 9.80 SP4), which is available for download at:
  • www.heapg.com or www.horner-apg.com outside of the Americas.

Affected Vendors

Horner Automation

Affected Products (1)

Horner Automation · Cscape <=9.80.75.3 SP3

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more