1. EXECUTIVE SUMMARY
- CVSS v4 8.5
- ATTENTION: Low attack complexity
- Vendor: Horner Automation
- Equipment: Cscape
- Vulnerabilities: Out-of-bounds Read
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Horner Automation products are affected:
- Cscape: Versions 10.0.363.1 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 OUT-OF-BOUNDS READ CWE-125
The affected product contains a memory corruption vulnerability, which could allow an attacker to disclose information and execute arbitrary code.
CVE-2024-9508 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-9508. A base score of 8.5 has been calculated; the CVSS vector string is (CVSS4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 OUT-OF-BOUNDS READ CWE-125
The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code.