[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:horner-automation-cscape-and-xl4-xl7-plc-mo4lcljc":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":13,"action_required":18,"article_ids":19,"ioc_summary":21,"source_urls":22,"status":24,"expires_at":25,"created_at":26,"updated_at":27,"articles":28},"e3f94fb1-6846-482d-be1e-e6cc6dd7b020","Horner Automation Cscape and XL4, XL7 PLC","horner-automation-cscape-and-xl4-xl7-plc-mo4lcljc","Horner Automation Cscape v10.0, XL4 PLC v16.32.0, and XL7 PLC v15.60 contain a critical password brute-force vulnerability (CVE-2026-6284, CVSS 9.1) with no rate limiting. This affects manufacturing environments globally and allows unauthenticated network attackers to compromise PLCs controlling critical infrastructure.","critical","advisory",[12],"CVE-2026-6284",[14,15,16,17],"Horner Automation","Cscape","XL4 PLC","XL7 PLC","Immediately identify and inventory all Horner Cscape and XL4\u002FXL7 PLC instances on your network. Patch Cscape to v10.2 SP2 or later and update PLC firmware to latest versions. Until patched, restrict network access to these devices and enforce strong passwords.",[20],"de0f36b0-37f0-4cf8-a656-69c05d287659",null,[23],"https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-106-02","archived","2026-04-20T17:08:26.721+00:00","2026-04-18T17:08:30.688274+00:00","2026-04-20T18:09:46.632253+00:00",[29],{"id":20,"title":6,"url":23}]