Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for XL7 PLC by Horner Automation

    CVE-2026-6284 (GCVE-0-2026-6284)

    Vulnerability from nvd – Published: 2026-04-17 15:14 – Updated: 2026-04-20 14:58
    VLAI
    Title
    Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
    Summary
    An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2026-04-16 17:00
    Credits
    An anonymous researcher reported this vulnerability to CISA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-17T16:06:19.870633Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-521",
                    "description": "CWE-521 Weak Password Requirements",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-20T14:58:32.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cscape",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XL7 PLC",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.60"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XL4 PLC",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.32.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "An anonymous researcher reported this vulnerability to CISA"
            }
          ],
          "datePublic": "2026-04-16T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible."
                }
              ],
              "value": "An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "CWE-521",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-17T15:14:06.346Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://hornerautomation.com/cscape-software-free/cscape-software/"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-02"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-02.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Horner Automation recommends users update to Cscape v10.2 SP2 or later. Horner Automation has also released the latest firmware for both XL4 and XL7 PLCs. Horner recommends users update to the latest version of the firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://hornerautomation.com/cscape-software-free/cscape-software/\" title=\"(opens in a new window)\"\u003ehttps://hornerautomation.com/cscape-software-free/cscape-software/\u003c/a\u003e"
                }
              ],
              "value": "Horner Automation recommends users update to Cscape v10.2 SP2 or later. Horner Automation has also released the latest firmware for both XL4 and XL7 PLCs. Horner recommends users update to the latest version of the firmware.\u00a0\n https://hornerautomation.com/cscape-software-free/cscape-software/"
            }
          ],
          "source": {
            "advisory": "ICSA-26-106-02",
            "discovery": "EXTERNAL"
          },
          "title": "Horner Automation Cscape and XL4, XL7 PLC Weak password requirements",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-6284",
        "datePublished": "2026-04-17T15:14:06.346Z",
        "dateReserved": "2026-04-14T15:07:32.676Z",
        "dateUpdated": "2026-04-20T14:58:32.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6284 (GCVE-0-2026-6284)

    Vulnerability from cvelistv5 – Published: 2026-04-17 15:14 – Updated: 2026-04-20 14:58
    VLAI
    Title
    Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
    Summary
    An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2026-04-16 17:00
    Credits
    An anonymous researcher reported this vulnerability to CISA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-17T16:06:19.870633Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-521",
                    "description": "CWE-521 Weak Password Requirements",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-20T14:58:32.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Cscape",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XL7 PLC",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.60"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "XL4 PLC",
              "vendor": "Horner Automation",
              "versions": [
                {
                  "status": "affected",
                  "version": "16.32.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "An anonymous researcher reported this vulnerability to CISA"
            }
          ],
          "datePublic": "2026-04-16T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible."
                }
              ],
              "value": "An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "CWE-521",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-17T15:14:06.346Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://hornerautomation.com/cscape-software-free/cscape-software/"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-02"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-02.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Horner Automation recommends users update to Cscape v10.2 SP2 or later. Horner Automation has also released the latest firmware for both XL4 and XL7 PLCs. Horner recommends users update to the latest version of the firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://hornerautomation.com/cscape-software-free/cscape-software/\" title=\"(opens in a new window)\"\u003ehttps://hornerautomation.com/cscape-software-free/cscape-software/\u003c/a\u003e"
                }
              ],
              "value": "Horner Automation recommends users update to Cscape v10.2 SP2 or later. Horner Automation has also released the latest firmware for both XL4 and XL7 PLCs. Horner recommends users update to the latest version of the firmware.\u00a0\n https://hornerautomation.com/cscape-software-free/cscape-software/"
            }
          ],
          "source": {
            "advisory": "ICSA-26-106-02",
            "discovery": "EXTERNAL"
          },
          "title": "Horner Automation Cscape and XL4, XL7 PLC Weak password requirements",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-6284",
        "datePublished": "2026-04-17T15:14:06.346Z",
        "dateReserved": "2026-04-14T15:07:32.676Z",
        "dateUpdated": "2026-04-20T14:58:32.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }