Horner Automation Cscape
Monitor | CVSS 7.8 | ICS-CERT ICSA-26-176-03 | Jun 25, 2026
Horner Automation
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Cscape before version 10.2 SP3 contains a buffer overflow vulnerability that allows a local attacker to disclose information and execute arbitrary code on the engineering workstation. Successful exploitation requires local access and user interaction, such as opening a malicious Cscape project file.
What this means
What could happen
An attacker with local access to a computer running Cscape could read sensitive files and execute arbitrary code, potentially gaining control of engineering workstations used to configure PLCs or other automation equipment.
Who's at risk
Engineers and automation technicians using Horner Automation Cscape software to program and configure Horner PLCs and automation controllers should prioritize this update. This affects anyone managing industrial control systems through this engineering workstation software.
How it could be exploited
An attacker with local access to a machine running vulnerable Cscape software could exploit a buffer overflow vulnerability to execute arbitrary code and read sensitive information from the system. This typically requires the attacker to trick a user into opening a malicious file or project.
Prerequisites
- Local access to a computer running Cscape
- User interaction (e.g., opening a malicious project file)
- buffer overflow vulnerability (CWE-125)
- local code execution possible
- information disclosure
- affects engineering workstations
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
Product | Affected Versions | Fix Status
Cscape | <10.2 SP3 | Fix available
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption
HOTFIX: Update Horner Automation Cscape to version 10.2 SP3 or later
CVEs (1)
API: /api/v1/advisories/7149c213-cd49-49cd-8317-b773c8b6ff74