CVE-2019-13545

Опубликовано: 18 окт. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution.

Ссылки

https://www.us-cert.gov/ics/advisories/icsa-19-290-02
Mitigation
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-19-903/
Third Party Advisory
VDB Entry
https://www.us-cert.gov/ics/advisories/icsa-19-290-02
Mitigation
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-19-903/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hornerautomation:cscape:*:*:*:*:*:*:*:*

Версия до 9.90 (включая)

EPSS

Процентиль: 52%

0.0029

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-mqcx-cq92-w542