CRITICAL
Horner Automation
CVE published 2026-04-16
CVE-2026-6284
CVE-2026-6284 is a critical authentication weakness affecting Horner Automation Cscape and XL4/XL7 PLC products. CISA says an attacker with network access to the PLC can brute-force passwords because of limited password complexity and the lack of password input limiters, which can lead to unauthorized access to systems and services. The published remediation is to update Cscape to v10.2 SP2 or later and i [truncated]