CVE-2023-31278

Name of the Vulnerable Software and Affected Versions Horner Automation Cscape (affected versions not specified)

Description The issue is related to a lack of proper validation of user-supplied data when parsing project files, such as HMI files. This could lead to an out-of-bounds read, potentially allowing an attacker to execute arbitrary code in the context of the current process. The vulnerability is associated with a buffer overflow in memory, which can be exploited by opening a specially crafted HMI file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.