CVE-2026-12897
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code.
Risk Assessment
This vulnerability poses a risk of sensitive data disclosure and potential system takeover by an attacker.
Recommendation
It is recommended to update Cscape software to version 10.2 SP3 or later to mitigate this vulnerability.
Original NVD description (English source)
Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code.

