CVE-2026-12897
View CSAF Summary Successful exploitation of this vulnerability could allow a local attacker to disclose information and execute arbitrary code. The following versions of Horner Automation Cscape are affected: Cscape <10.2_SP3 CVSS Vendor Equipment Vulnerabilities v3 7.8 Horner Automation Horner Automation Cscape Out-of-bounds Read Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: United States Vulnerabilities Expand All + CVE-2026-12897 Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. View CVE Details Affected Products Horner Automation Cscape Vendor: Horner Automation Product Version: Horner Automation Cscape: <10.2_SP3 Product Status: known_affected Remediations Vendor fix Horner Automation has released Cscape 10.2 SP3 for users to download. Vendor fix For more information, see the Cscape 10.2 SP3 release notes (https://hornerautomation.com/cscape-software-free/cscape-software/). https://hornerautomation.com/cscape-software-free/cscape-software/ Relevant CWE: CWE-125 Out-of-bounds Read Metrics CVSS Version Base Score Base Severity Vector String 3.1 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 4.0 8.4 HIGH CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Acknowledgments Michael Heinzl reported this vulnerability to CISA Legal Notice and Terms of Use This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy). Recommended Practices CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the intern
CSIRTS triage
- What
- A vulnerability could allow a local attacker to disclose information and execute arbitrary code.
- Who is affected
- Users of Horner Automation Cscape versions prior to 10.2 SP3.
- Urgency
- Critical urgency due to the severity of the vulnerabilities.
- Action
- Upgrade to Cscape version 10.2 SP3 or later.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-12897
Get an email if CVE-2026-12897 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all EPSS-scored CVEs.
Advisory coverage (1)
- criticalHorner Automation Cscapecisa · 2026-06-25
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-12897)