描述
Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write via an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process.
AI分析AI驱动
受影响产品
hornerautomationcscape
hornerautomationcscape
9.90
hornerautomationcscape
9.90
hornerautomationcscape
9.90
hornerautomationcscape
9.90
hornerautomationcscape
9.90
参考资料
- https://us-cert.cisa.gov/ics/advisories/icsa-21-224-02Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-21-224-02Third Party AdvisoryUS Government Resource