Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
BID:107087
CVE-2019-6555 |Info
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
| Bugtraq ID: | 107087 |
| Class: | Input Validation Error |
| CVE: |
CVE-2019-6555 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 19 2019 12:00AM |
| Updated: | Feb 19 2019 12:00AM |
| Credit: | Trend Micro�??s Zero Day Initiative |
| Vulnerable: |
Horner Automation Cscape 9.80.75.3 Horner Automation Cscape 9.80 SP4 Horner Automation Cscape 9.80 SP2 Horner Automation Cscape 9.80 SP1 Horner Automation Cscape 9.80 Horner Automation Cscape 9.3 Horner Automation Cscape 9.0 Horner Automation Cscape 8.0 Horner Automation Cscape 4 |
| Not Vulnerable: |
Horner Automation Cscape 9.90 |
Discussion
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
Horner Automation Cscape is prone to an arbitrary code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application, crash the device or obtain sensitive information.
Horner Automation Cscape version 9.80 SP4 and prior are vulnerable.
Horner Automation Cscape is prone to an arbitrary code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application, crash the device or obtain sensitive information.
Horner Automation Cscape version 9.80 SP4 and prior are vulnerable.
Exploit / POC
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Horner Automation Cscape CVE-2019-6555 Arbitrary Code Execution Vulnerability
References:
References:
- Horner Automation Cscape Product Page (Horner Automation)
- Horner Automation Home Page (Horner Automation)
- Advisory (ICSA-19-050-03) (ICS-CERT)