Vulnerability Description
Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hornerautomation | Cscape | < 9.80.75.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106275Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-354-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/106275Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-354-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-19005?
CVE-2018-19005 is a vulnerability with a CVSS score of 7.8 (HIGH). Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. T...
How severe is CVE-2018-19005?
CVE-2018-19005 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-19005?
Check the references section above for vendor advisories and patch information. Affected products include: Hornerautomation Cscape.