CVE-2023-0622 – Cscape Envision RV version 4.60 has an out-of-b... (How to Fix)

Q: What is the severity of CVE-2023-0622?

CVE-2023-0622 has a CVSS score of 7.8 (HIGH). Cscape Envision RV version 4.60 has an out-of-bounds write vulnerability when parsing HMI project files. This allows attackers to execute arbitrary code with the privileges of the current process. Organizations using this specific version for industrial control systems are affected.

📋 TL;DR

Cscape Envision RV version 4.60 has an out-of-bounds write vulnerability when parsing HMI project files. This allows attackers to execute arbitrary code with the privileges of the current process. Organizations using this specific version for industrial control systems are affected.

💻 Affected Systems

Products:

Cscape Envision RV

Versions: Version 4.60 specifically

Operating Systems: Windows (typical for HMI software)

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems processing HMI project files. Industrial control environments are primary targets.

📦 What is this software?

Cscape Envision Rv by Hornerautomation

View all CVEs affecting Cscape Envision Rv →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise leading to disruption of industrial processes, data theft, or physical damage to equipment.

🟠

Likely Case

Local privilege escalation or remote code execution if project files can be delivered to the system.

🟢

If Mitigated

Limited impact with proper network segmentation and file validation controls.

🌐 Internet-Facing: MEDIUM - Requires project file delivery but could be exploited if systems are exposed.

🏢 Internal Only: HIGH - Industrial control systems often process untrusted project files internally.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires attacker to provide a malicious project file. No public exploit code known at advisory time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 4.61 or later

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-040-04

Restart Required: Yes

Instructions:

1. Download updated version from vendor. 2. Backup current configuration. 3. Install update. 4. Restart system. 5. Verify version shows 4.61 or higher.

🔧 Temporary Workarounds

Restrict project file sources

all

Only allow project files from trusted sources and implement file validation

Network segmentation

all

Isolate Envision RV systems from untrusted networks

🧯 If You Can't Patch

Implement strict access controls on who can load project files
Monitor for unusual process behavior or file parsing errors

🔍 How to Verify

Check if Vulnerable:

Check software version in About dialog or program properties

Check Version:

Check via software interface or Windows Programs and Features

Verify Fix Applied:

Confirm version is 4.61 or higher after update

📡 Detection & Monitoring

Log Indicators:

Failed project file parsing
Application crashes when loading files
Unusual process creation

Network Indicators:

Unexpected project file transfers to HMI systems

SIEM Query:

Process creation where parent process is EnvisionRV.exe AND command line contains suspicious file paths

📊 Metadata

CVE ID: CVE-2023-0622

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: March 9, 2023

Last Updated: January 17, 2025

🔗 References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-040-04 Third Party Advisory,US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-040-04 Third Party Advisory,US Government Resource

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-0622, you might also want to check these: