{
  "type": "bundle",
  "id": "bundle--6d0eeaa0-e9bb-46a5-a632-0e2b9b672278",
  "objects": [
    {
      "type": "report",
      "spec_version": "2.1",
      "id": "report--c98ac251-9f69-4090-a89b-2079db97eb4e",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "Horner Automation Cscape and XL4, XL7 PLC",
      "description": "The following versions of Horner Automation Cscape and XL4, XL7 PLC are affected: Cscape v10.0 XL7 PLC v15.60 XL4 PLC v16.32.0 CVSS Vendor Equipment Vulnerabilities v3 9.1 Horner Automation Horner Automation Cscape and XL4, XL7 PLC Weak Password Requirements Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: United States Vulnerabilities Expand All + CVE-2026-6284 An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and...",
      "published": "2026-04-16T12:00:00.000Z",
      "report_types": [
        "threat-report"
      ],
      "object_refs": [
        "vulnerability--a4be269d-1fae-40ac-8033-8ab0c2d2cb5c",
        "attack-pattern--05c2a4a0-f7e8-4a94-8be4-8f15f35c896b",
        "attack-pattern--10e53ae1-8b12-490a-ac18-737d06b749fe"
      ],
      "external_references": [
        {
          "source_name": "CISA Advisories",
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-02",
          "description": "Horner Automation Cscape and XL4, XL7 PLC"
        }
      ],
      "labels": [
        "Government",
        "Critical Infrastructure",
        "Manufacturing"
      ]
    },
    {
      "type": "vulnerability",
      "spec_version": "2.1",
      "id": "vulnerability--a4be269d-1fae-40ac-8033-8ab0c2d2cb5c",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "CVE-2026-6284",
      "external_references": [
        {
          "source_name": "cve",
          "external_id": "CVE-2026-6284",
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6284"
        }
      ]
    },
    {
      "type": "attack-pattern",
      "spec_version": "2.1",
      "id": "attack-pattern--05c2a4a0-f7e8-4a94-8be4-8f15f35c896b",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "Command and Scripting Interpreter",
      "external_references": [
        {
          "source_name": "mitre-attack",
          "external_id": "T1059",
          "url": "https://attack.mitre.org/techniques/T1059/"
        }
      ],
      "kill_chain_phases": [
        {
          "kill_chain_name": "mitre-attack",
          "phase_name": "execution"
        }
      ]
    },
    {
      "type": "attack-pattern",
      "spec_version": "2.1",
      "id": "attack-pattern--10e53ae1-8b12-490a-ac18-737d06b749fe",
      "created": "2026-04-20T09:05:57.000Z",
      "modified": "2026-04-20T09:05:57.000Z",
      "name": "Brute Force",
      "external_references": [
        {
          "source_name": "mitre-attack",
          "external_id": "T1110",
          "url": "https://attack.mitre.org/techniques/T1110/"
        }
      ],
      "kill_chain_phases": [
        {
          "kill_chain_name": "mitre-attack",
          "phase_name": "credential-access"
        }
      ]
    }
  ]
}