Horner Automation Cscape (ICSA-19-290-02)

CISA has published an advisory on improper input validation and out-of-bounds write vulnerability in Horner Automation Cscape. Cscape 9.90 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed, which may allow the attacker to access information and execute arbitrary code. Horner Automation recommends affected users update to Cscape Version 9.90 SP1 or later. Additionally, CISA recommends a list of actions to mitigate this vulnerability. Read the advisory at CISA.