CVE Catalog

CVE-2026-12897

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile — higher than 3% of all known CVEs

Summary

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code.

Risk Assessment

This vulnerability poses a risk of sensitive data disclosure and potential system takeover by an attacker.

Recommendation

It is recommended to update Cscape software to version 10.2 SP3 or later to mitigate this vulnerability.

Original NVD description (English source)

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS