Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NHornerautomation Rcc972
HWHornerautomationwszystkie wersjeHornerautomation Rcc972 Firmware
OSHornerautomation15.40
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2022-2641CRITICAL9.8ten sam produkt
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could ...
CVE-2022-2640HIGH7.5ten sam produkt
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryp...
CVE-2023-7206HIGH7.8ten sam vendor
In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerabil...
CVE-2023-28653HIGH7.8ten sam vendor
The affected application lacks proper validation of user-supplied data when parsing project f...
CVE-2023-27916HIGH7.8ten sam vendor
The affected application lacks proper validation of user-supplied data when parsing font files ...