Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
76 vulnerabilities found for ignition by inductiveautomation
CVE-2025-13913 (GCVE-0-2025-13913)
Vulnerability from nvd – Published: 2026-03-12 18:17 – Updated: 2026-03-17 15:29
VLAI
Title
Inductive Automation Ignition Software Deserialization of Untrusted Data
Summary
A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition Software |
Affected:
0 , < 8.3.0
(custom)
Unaffected: 8.3.0 |
Date Public
2026-03-12 15:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T19:06:06.866760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T19:06:53.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ignition Software",
"vendor": "Inductive Automation",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nik Tsytsarkin, Ismail Aydemir, and Ryan Hall of Meta reported this vulnerability to Inductive Automation."
}
],
"datePublic": "2026-03-12T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eA privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code.\u003c/span\u003e"
}
],
"value": "A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T15:29:47.962Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-06"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-071-06.json"
},
{
"url": "https://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Ignition software from 8.1.x to 8.3.0 or greater."
}
],
"value": "Upgrade Ignition software from 8.1.x to 8.3.0 or greater."
}
],
"source": {
"advisory": "ICSA-26-071-06",
"discovery": "EXTERNAL"
},
"title": "Inductive Automation Ignition Software Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MITIGATION (8.1.x Linux). Implement Ignition Security Hardening Guide \nAppendix A. \nhttps://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
}
],
"value": "MITIGATION (8.1.x Linux). Implement Ignition Security Hardening Guide \nAppendix A. \nhttps://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nMITIGATION (8.1.x Windows). Covered in Ignition Security Hardening Guide\n Appendix A.\u0026nbsp;\u003c/div\u003e\u003cdiv\u003e\u003col\u003e\u003cli\u003eCreate a new dedicated local Windows account that will \nbe used exclusively for the Ignition service (e.g. svc-ign).\u0026nbsp;a. The best\n security practice is that the Ignition service should not be a domain \naccount (unless otherwise needed). b. Remove all group memberships from \nthe service account (including Users and Administrators). c. Add to \nsecurity policy to log in as a service. d. Add to \"Deny log on locally\" \nsecurity policy.\u0026nbsp;\u003c/li\u003e\u003cli\u003eProvide full read/write access only to the Ignition \ninstallation directory for the service account created in #1. a. Add \nread/write permissions to other directories in the local filesystem as \nneeded (e.g.: if configured to use optional Enterprise Administration \nModule to write automated backups to the file system).\u0026nbsp;\u003c/li\u003e\u003cli\u003eSet deny \naccess settings for service account on other directories not needed by \nthe Ignition service. a. Specifically the C:\\Windows, C:\\Users, and \ndirectories for any other applications in the Program Files or Program \nFiles(x86) directories. b. Use java param to change temp directory to a \nlocation within the Ignition install directory so the Users folder can \nbe denied access to the Ignition service account.\u003c/li\u003e\u003cli\u003eRestrict project imports to verified \nand trusted sources only, ideally using checksums or digital \nsignatures.\u003c/li\u003e\u003cli\u003eUse multiple environments (e.g. Dev, Test, Prod) with a \nstaging workflow so that new data is never introduced directly to\u0026nbsp; \nproduction environments. See Ignition Deployment Best Practices.\u003c/li\u003e\u003cli\u003eWhen \nfeasible, segment or isolate Ignition gateways from corporate resources \nand Windows Domains.a. The Ignition service account or AD server object \nshould never need Windows Domain or Windows Active Directory privileges.\n This would only be needed if an Asset Owners IT or OT department uses \nthis for management outside Ignition.b. Ignition may be federated with \nActive Directory environments (e.g. OT domains) by entering \n\"Authentication Profile\" credentials within the Ignition gateway itself.\n This could use secure LDAP, SAML, or OpenID Connect.\u003c/li\u003e\u003cli\u003eWhen feasible, \nenforce strong credential management and MFA for all users with Designer\n permissions (8.1.x and 8.3.x), Config Page permissions (8.1.x), and \nConfig Write permissions (8.3.x).\u003c/li\u003e\u003cli\u003eWhen feasible, deploy Ignition \nwithin hardened or containerized environments.\n\n\n\n\u003cbr\u003e\u003c/li\u003e\u003c/ol\u003e\u003c/div\u003e"
}
],
"value": "MITIGATION (8.1.x Windows). Covered in Ignition Security Hardening Guide\n Appendix A.\u00a0\n\n * Create a new dedicated local Windows account that will \nbe used exclusively for the Ignition service (e.g. svc-ign).\u00a0a. The best\n security practice is that the Ignition service should not be a domain \naccount (unless otherwise needed). b. Remove all group memberships from \nthe service account (including Users and Administrators). c. Add to \nsecurity policy to log in as a service. d. Add to \"Deny log on locally\" \nsecurity policy.\u00a0\n * Provide full read/write access only to the Ignition \ninstallation directory for the service account created in #1. a. Add \nread/write permissions to other directories in the local filesystem as \nneeded (e.g.: if configured to use optional Enterprise Administration \nModule to write automated backups to the file system).\u00a0\n * Set deny \naccess settings for service account on other directories not needed by \nthe Ignition service. a. Specifically the C:\\Windows, C:\\Users, and \ndirectories for any other applications in the Program Files or Program \nFiles(x86) directories. b. Use java param to change temp directory to a \nlocation within the Ignition install directory so the Users folder can \nbe denied access to the Ignition service account.\n * Restrict project imports to verified \nand trusted sources only, ideally using checksums or digital \nsignatures.\n * Use multiple environments (e.g. Dev, Test, Prod) with a \nstaging workflow so that new data is never introduced directly to\u00a0 \nproduction environments. See Ignition Deployment Best Practices.\n * When \nfeasible, segment or isolate Ignition gateways from corporate resources \nand Windows Domains.a. The Ignition service account or AD server object \nshould never need Windows Domain or Windows Active Directory privileges.\n This would only be needed if an Asset Owners IT or OT department uses \nthis for management outside Ignition.b. Ignition may be federated with \nActive Directory environments (e.g. OT domains) by entering \n\"Authentication Profile\" credentials within the Ignition gateway itself.\n This could use secure LDAP, SAML, or OpenID Connect.\n * When feasible, \nenforce strong credential management and MFA for all users with Designer\n permissions (8.1.x and 8.3.x), Config Page permissions (8.1.x), and \nConfig Write permissions (8.3.x).\n * When feasible, deploy Ignition \nwithin hardened or containerized environments."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-13913",
"datePublished": "2026-03-12T18:17:22.839Z",
"dateReserved": "2025-12-02T17:43:55.964Z",
"dateUpdated": "2026-03-17T15:29:47.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-50233 (GCVE-0-2023-50233)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the getJavaExecutable method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22029.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:* |
Date Public
2024-02-21 19:14
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T14:09:00.610715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T21:03:14.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-185",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-185/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.749Z",
"datePublic": "2024-02-21T19:14:57.983Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the getJavaExecutable method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22029."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:49.645Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-185",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-185/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50233",
"datePublished": "2024-05-03T02:14:49.645Z",
"dateReserved": "2023-12-05T16:15:17.545Z",
"dateUpdated": "2024-08-02T22:09:49.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50232 (GCVE-0-2023-50232)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the getParams method. The issue results from the lack of proper validation of a user-supplied string before using it to prepare an argument for a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22028.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:* |
Date Public
2024-02-21 19:14
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1.31",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T19:21:19.849756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T19:25:30.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-184",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-184/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.744Z",
"datePublic": "2024-02-21T19:14:52.766Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the getParams method. The issue results from the lack of proper validation of a user-supplied string before using it to prepare an argument for a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22028."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:48.881Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-184",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-184/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50232",
"datePublished": "2024-05-03T02:14:48.881Z",
"dateReserved": "2023-12-05T16:15:17.545Z",
"dateUpdated": "2024-08-02T22:09:49.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50223 (GCVE-0-2023-50223)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ExtendedDocumentCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22127.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
6.4.1.207
|
|
| inductiveautomation | ignition |
Affected:
6.4.1.207
cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "6.4.1.207"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:48:13.947162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:05:08.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-018",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-018/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "6.4.1.207"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.691Z",
"datePublic": "2024-01-05T15:00:27.138Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ExtendedDocumentCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22127."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:42.233Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-018",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-018/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Andy Niu of Trend Micro Security Research"
},
"title": "Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50223",
"datePublished": "2024-05-03T02:14:42.233Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50222 (GCVE-0-2023-50222)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22067.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T21:03:47.740884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:59.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-017",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-017/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.686Z",
"datePublic": "2024-01-05T15:00:22.033Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22067."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:41.474Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-017",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-017/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50222",
"datePublished": "2024-05-03T02:14:41.474Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50221 (GCVE-0-2023-50221)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21926.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T19:58:04.180966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T20:01:39.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-016",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-016/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.678Z",
"datePublic": "2024-01-05T15:00:17.168Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21926."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:40.701Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-016",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-016/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50221",
"datePublished": "2024-05-03T02:14:40.701Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50220 (GCVE-0-2023-50220)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Base64Element class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21801.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.30
cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T18:14:54.610553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:50.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-015",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.672Z",
"datePublic": "2024-01-05T15:00:11.022Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the Base64Element class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21801."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:39.917Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-015",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50220",
"datePublished": "2024-05-03T02:14:39.917Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50219 (GCVE-0-2023-50219)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the RunQuery class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21625.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.30
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T20:15:14.831755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:51.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-014",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.667Z",
"datePublic": "2024-01-05T15:00:05.498Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the RunQuery class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21625."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:39.147Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-014",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50219",
"datePublished": "2024-05-03T02:14:39.147Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50218 (GCVE-0-2023-50218)
Vulnerability from nvd – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ModuleInvoke class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21624.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.3
cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:* |
Date Public
2024-01-05 14:56
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.3"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50218",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T20:56:49.694175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:58.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1813",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1813/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.662Z",
"datePublic": "2024-01-05T14:56:04.085Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ModuleInvoke class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21624."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:38.394Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1813",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1813/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50218",
"datePublished": "2024-05-03T02:14:38.394Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39477 (GCVE-0-2023-39477)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
Summary
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20499.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/downloads/release… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
8.1.24
cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T15:47:53.751712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T17:35:42.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1050",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1050/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/downloads/releasenotes/8.1.33"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.510Z",
"datePublic": "2023-08-08T14:49:31.561Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20499."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:42.854Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1050",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1050/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/downloads/releasenotes/8.1.33"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Vens, Sharon Brizinov"
},
"title": "Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39477",
"datePublished": "2024-05-03T02:10:42.854Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39476 (GCVE-0-2023-39476)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20291.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.25
|
|
| inductiveautomation | ignition |
Affected:
8.1.22 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1.22",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39476",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T17:03:23.809391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T20:59:53.039Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1046",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1046/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.25"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.504Z",
"datePublic": "2023-08-08T14:49:12.720Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the JavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20291."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:42.122Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1046",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1046/"
}
],
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) and Steven Seeley (mr_me) of Incite Team"
},
"title": "Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39476",
"datePublished": "2024-05-03T02:10:42.122Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39475 (GCVE-0-2023-39475)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ParameterVersionJavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20290.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.25
|
|
| inductiveautomation | ignition |
Affected:
8.1.22 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1.22",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39475",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T17:00:31.612223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T20:59:42.213Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1047",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1047/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.25"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.499Z",
"datePublic": "2023-08-08T14:49:17.670Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the ParameterVersionJavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20290."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:41.406Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1047",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1047/"
}
],
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) and Steven Seeley (mr_me) of Incite Team"
},
"title": "Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39475",
"datePublished": "2024-05-03T02:10:41.406Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39474 (GCVE-0-2023-39474)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-09-18 18:29
VLAI
Title
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user.
. Was ZDI-CAN-19915.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24-RC / 1.1.24-RC
|
|
| inductiveautomation | ignition |
Affected:
0 , < *
(custom)
cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T19:35:35.328270Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T19:35:38.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1049",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1049/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24-RC / 1.1.24-RC"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.493Z",
"datePublic": "2023-08-08T14:49:25.873Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user.\n. Was ZDI-CAN-19915."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494: Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:29:37.407Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1049",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1049/"
}
],
"source": {
"lang": "en",
"value": "Nguy\u1ec5n Ti\u1ebfn Giang (Jang) of STAR Labs SG Pte. Ltd."
},
"title": "Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39474",
"datePublished": "2024-05-03T02:10:40.714Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-09-18T18:29:37.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39473 (GCVE-0-2023-39473)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-09-18 18:29
VLAI
Title
Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the AbstractGatewayFunction class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
. Was ZDI-CAN-17587.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
Inductive Automation Ignition 8.1.17 LTS
|
|
| inductiveautomation | ignition |
Affected:
8.1 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T17:14:05.364540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T21:00:08.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1045",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1045/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "Inductive Automation Ignition 8.1.17 LTS"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.488Z",
"datePublic": "2023-08-08T14:49:09.386Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the AbstractGatewayFunction class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-17587."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:29:36.706Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1045",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1045/"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39473",
"datePublished": "2024-05-03T02:10:39.937Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-09-18T18:29:36.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39472 (GCVE-0-2023-39472)
Vulnerability from nvd – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability
Summary
Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the SimpleXMLReader class. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the SYSTEM.
. Was ZDI-CAN-17571.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.17 LTS
|
|
| inductiveautomation | ignition |
Affected:
8.1.17 LTS
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.17 LTS"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:22:51.863259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:10.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1048",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1048/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.17 LTS"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.483Z",
"datePublic": "2023-08-08T14:49:22.244Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the SimpleXMLReader class. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the SYSTEM.\n. Was ZDI-CAN-17571."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-09T22:21:06.255Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1048",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1048/"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39472",
"datePublished": "2024-05-03T02:10:39.196Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38124 (GCVE-0-2023-38124)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
VLAI
Title
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Ignition Gateway server. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20541.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-749 - Exposed Dangerous Method or Function
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/blog/inductive-au… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
*
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-01 14:08
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T17:29:25.520163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:56.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1015",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-07-12T15:35:25.013Z",
"datePublic": "2023-08-01T14:08:05.021Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the Ignition Gateway server. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20541."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:20.496Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1015",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"source": {
"lang": "en",
"value": "20urdjk"
},
"title": "Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-38124",
"datePublished": "2024-05-03T01:59:20.496Z",
"dateReserved": "2023-07-12T15:22:20.623Z",
"dateUpdated": "2024-08-02T17:30:14.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38123 (GCVE-0-2023-38123)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
VLAI
Title
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability
Summary
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the server configuration. The issue results from the lack of authentication prior to allowing access to password change functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20540.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/blog/inductive-au… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
8.1.24
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-01 14:07
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T18:20:26.377240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:11.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1014",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-07-12T15:35:25.007Z",
"datePublic": "2023-08-01T14:07:57.002Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the server configuration. The issue results from the lack of authentication prior to allowing access to password change functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20540."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:19.765Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1014",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"source": {
"lang": "en",
"value": "20urdjk"
},
"title": "Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-38123",
"datePublished": "2024-05-03T01:59:19.765Z",
"dateReserved": "2023-07-12T15:22:20.623Z",
"dateUpdated": "2024-08-02T17:30:14.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38122 (GCVE-0-2023-38122)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
VLAI
Title
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-20539.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/blog/inductive-au… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
8.1.24
cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:* |
Date Public
2023-08-01 14:07
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T18:46:07.517841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T21:01:09.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1013",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1013/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-07-12T15:35:24.997Z",
"datePublic": "2023-08-01T14:07:46.401Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-20539."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:19.031Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1013",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1013/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"source": {
"lang": "en",
"value": "20urdjk"
},
"title": "Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-38122",
"datePublished": "2024-05-03T01:59:19.031Z",
"dateReserved": "2023-07-12T15:22:20.623Z",
"dateUpdated": "2024-08-02T17:30:13.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38121 (GCVE-0-2023-38121)
Vulnerability from nvd – Published: 2024-05-03 01:59 – Updated: 2024-08-02 17:30
VLAI
Title
Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of the id parameter provided to the Inductive Automation Ignition web interface. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-20355.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/blog/inductive-au… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
8.1.24
cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:* |
Date Public
2023-08-01 14:07
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T14:12:50.388895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T20:29:46.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1012",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1012/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-07-12T15:35:24.991Z",
"datePublic": "2023-08-01T14:07:38.431Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the id parameter provided to the Inductive Automation Ignition web interface. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-20355."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:18.329Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1012",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1012/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
}
],
"source": {
"lang": "en",
"value": "20urdjk"
},
"title": "Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-38121",
"datePublished": "2024-05-03T01:59:18.329Z",
"dateReserved": "2023-07-12T15:22:20.623Z",
"dateUpdated": "2024-08-02T17:30:14.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-13913 (GCVE-0-2025-13913)
Vulnerability from cvelistv5 – Published: 2026-03-12 18:17 – Updated: 2026-03-17 15:29
VLAI
Title
Inductive Automation Ignition Software Deserialization of Untrusted Data
Summary
A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition Software |
Affected:
0 , < 8.3.0
(custom)
Unaffected: 8.3.0 |
Date Public
2026-03-12 15:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T19:06:06.866760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T19:06:53.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ignition Software",
"vendor": "Inductive Automation",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nik Tsytsarkin, Ismail Aydemir, and Ryan Hall of Meta reported this vulnerability to Inductive Automation."
}
],
"datePublic": "2026-03-12T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eA privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code.\u003c/span\u003e"
}
],
"value": "A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T15:29:47.962Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-06"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-071-06.json"
},
{
"url": "https://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Ignition software from 8.1.x to 8.3.0 or greater."
}
],
"value": "Upgrade Ignition software from 8.1.x to 8.3.0 or greater."
}
],
"source": {
"advisory": "ICSA-26-071-06",
"discovery": "EXTERNAL"
},
"title": "Inductive Automation Ignition Software Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MITIGATION (8.1.x Linux). Implement Ignition Security Hardening Guide \nAppendix A. \nhttps://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
}
],
"value": "MITIGATION (8.1.x Linux). Implement Ignition Security Hardening Guide \nAppendix A. \nhttps://inductiveautomation.com/resources/article/ignition-security-hardening-guide"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nMITIGATION (8.1.x Windows). Covered in Ignition Security Hardening Guide\n Appendix A.\u0026nbsp;\u003c/div\u003e\u003cdiv\u003e\u003col\u003e\u003cli\u003eCreate a new dedicated local Windows account that will \nbe used exclusively for the Ignition service (e.g. svc-ign).\u0026nbsp;a. The best\n security practice is that the Ignition service should not be a domain \naccount (unless otherwise needed). b. Remove all group memberships from \nthe service account (including Users and Administrators). c. Add to \nsecurity policy to log in as a service. d. Add to \"Deny log on locally\" \nsecurity policy.\u0026nbsp;\u003c/li\u003e\u003cli\u003eProvide full read/write access only to the Ignition \ninstallation directory for the service account created in #1. a. Add \nread/write permissions to other directories in the local filesystem as \nneeded (e.g.: if configured to use optional Enterprise Administration \nModule to write automated backups to the file system).\u0026nbsp;\u003c/li\u003e\u003cli\u003eSet deny \naccess settings for service account on other directories not needed by \nthe Ignition service. a. Specifically the C:\\Windows, C:\\Users, and \ndirectories for any other applications in the Program Files or Program \nFiles(x86) directories. b. Use java param to change temp directory to a \nlocation within the Ignition install directory so the Users folder can \nbe denied access to the Ignition service account.\u003c/li\u003e\u003cli\u003eRestrict project imports to verified \nand trusted sources only, ideally using checksums or digital \nsignatures.\u003c/li\u003e\u003cli\u003eUse multiple environments (e.g. Dev, Test, Prod) with a \nstaging workflow so that new data is never introduced directly to\u0026nbsp; \nproduction environments. See Ignition Deployment Best Practices.\u003c/li\u003e\u003cli\u003eWhen \nfeasible, segment or isolate Ignition gateways from corporate resources \nand Windows Domains.a. The Ignition service account or AD server object \nshould never need Windows Domain or Windows Active Directory privileges.\n This would only be needed if an Asset Owners IT or OT department uses \nthis for management outside Ignition.b. Ignition may be federated with \nActive Directory environments (e.g. OT domains) by entering \n\"Authentication Profile\" credentials within the Ignition gateway itself.\n This could use secure LDAP, SAML, or OpenID Connect.\u003c/li\u003e\u003cli\u003eWhen feasible, \nenforce strong credential management and MFA for all users with Designer\n permissions (8.1.x and 8.3.x), Config Page permissions (8.1.x), and \nConfig Write permissions (8.3.x).\u003c/li\u003e\u003cli\u003eWhen feasible, deploy Ignition \nwithin hardened or containerized environments.\n\n\n\n\u003cbr\u003e\u003c/li\u003e\u003c/ol\u003e\u003c/div\u003e"
}
],
"value": "MITIGATION (8.1.x Windows). Covered in Ignition Security Hardening Guide\n Appendix A.\u00a0\n\n * Create a new dedicated local Windows account that will \nbe used exclusively for the Ignition service (e.g. svc-ign).\u00a0a. The best\n security practice is that the Ignition service should not be a domain \naccount (unless otherwise needed). b. Remove all group memberships from \nthe service account (including Users and Administrators). c. Add to \nsecurity policy to log in as a service. d. Add to \"Deny log on locally\" \nsecurity policy.\u00a0\n * Provide full read/write access only to the Ignition \ninstallation directory for the service account created in #1. a. Add \nread/write permissions to other directories in the local filesystem as \nneeded (e.g.: if configured to use optional Enterprise Administration \nModule to write automated backups to the file system).\u00a0\n * Set deny \naccess settings for service account on other directories not needed by \nthe Ignition service. a. Specifically the C:\\Windows, C:\\Users, and \ndirectories for any other applications in the Program Files or Program \nFiles(x86) directories. b. Use java param to change temp directory to a \nlocation within the Ignition install directory so the Users folder can \nbe denied access to the Ignition service account.\n * Restrict project imports to verified \nand trusted sources only, ideally using checksums or digital \nsignatures.\n * Use multiple environments (e.g. Dev, Test, Prod) with a \nstaging workflow so that new data is never introduced directly to\u00a0 \nproduction environments. See Ignition Deployment Best Practices.\n * When \nfeasible, segment or isolate Ignition gateways from corporate resources \nand Windows Domains.a. The Ignition service account or AD server object \nshould never need Windows Domain or Windows Active Directory privileges.\n This would only be needed if an Asset Owners IT or OT department uses \nthis for management outside Ignition.b. Ignition may be federated with \nActive Directory environments (e.g. OT domains) by entering \n\"Authentication Profile\" credentials within the Ignition gateway itself.\n This could use secure LDAP, SAML, or OpenID Connect.\n * When feasible, \nenforce strong credential management and MFA for all users with Designer\n permissions (8.1.x and 8.3.x), Config Page permissions (8.1.x), and \nConfig Write permissions (8.3.x).\n * When feasible, deploy Ignition \nwithin hardened or containerized environments."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-13913",
"datePublished": "2026-03-12T18:17:22.839Z",
"dateReserved": "2025-12-02T17:43:55.964Z",
"dateUpdated": "2026-03-17T15:29:47.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-50233 (GCVE-0-2023-50233)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the getJavaExecutable method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22029.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:* |
Date Public
2024-02-21 19:14
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T14:09:00.610715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T21:03:14.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-185",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-185/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.749Z",
"datePublic": "2024-02-21T19:14:57.983Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the getJavaExecutable method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22029."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:49.645Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-185",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-185/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50233",
"datePublished": "2024-05-03T02:14:49.645Z",
"dateReserved": "2023-12-05T16:15:17.545Z",
"dateUpdated": "2024-08-02T22:09:49.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50232 (GCVE-0-2023-50232)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the getParams method. The issue results from the lack of proper validation of a user-supplied string before using it to prepare an argument for a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22028.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:* |
Date Public
2024-02-21 19:14
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.31:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1.31",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T19:21:19.849756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T19:25:30.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-184",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-184/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.744Z",
"datePublic": "2024-02-21T19:14:52.766Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the getParams method. The issue results from the lack of proper validation of a user-supplied string before using it to prepare an argument for a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22028."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:48.881Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-184",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-184/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50232",
"datePublished": "2024-05-03T02:14:48.881Z",
"dateReserved": "2023-12-05T16:15:17.545Z",
"dateUpdated": "2024-08-02T22:09:49.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50223 (GCVE-0-2023-50223)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ExtendedDocumentCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22127.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
6.4.1.207
|
|
| inductiveautomation | ignition |
Affected:
6.4.1.207
cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "6.4.1.207"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:48:13.947162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:05:08.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-018",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-018/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "6.4.1.207"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.691Z",
"datePublic": "2024-01-05T15:00:27.138Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ExtendedDocumentCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22127."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:42.233Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-018",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-018/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Andy Niu of Trend Micro Security Research"
},
"title": "Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50223",
"datePublished": "2024-05-03T02:14:42.233Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50222 (GCVE-0-2023-50222)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22067.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T21:03:47.740884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:59.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-017",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-017/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.686Z",
"datePublic": "2024-01-05T15:00:22.033Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22067."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:41.474Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-017",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-017/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50222",
"datePublished": "2024-05-03T02:14:41.474Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50221 (GCVE-0-2023-50221)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.
The specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21926.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.31
|
|
| inductiveautomation | ignition |
Affected:
8.1.31
cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T19:58:04.180966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T20:01:39.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-016",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-016/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.31"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.678Z",
"datePublic": "2024-01-05T15:00:17.168Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the ResponseParser method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21926."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:40.701Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-016",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-016/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50221",
"datePublished": "2024-05-03T02:14:40.701Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50220 (GCVE-0-2023-50220)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Base64Element class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21801.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.30
cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T18:14:54.610553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:50.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-015",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.672Z",
"datePublic": "2024-01-05T15:00:11.022Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the Base64Element class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21801."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:39.917Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-015",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-015/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50220",
"datePublished": "2024-05-03T02:14:39.917Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50219 (GCVE-0-2023-50219)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the RunQuery class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21625.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.30
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2024-01-05 15:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T20:15:14.831755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:51.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-014",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.667Z",
"datePublic": "2024-01-05T15:00:05.498Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the RunQuery class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21625."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:39.147Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-014",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-014/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50219",
"datePublished": "2024-05-03T02:14:39.147Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50218 (GCVE-0-2023-50218)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-02 22:09
VLAI
Title
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.
The specific flaw exists within the ModuleInvoke class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21624.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://security.inductiveautomation.com/?tcuUid=… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.30
|
|
| inductiveautomation | ignition |
Affected:
8.1.3
cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:* |
Date Public
2024-01-05 14:56
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.3"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50218",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T20:56:49.694175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:58.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1813",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1813/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.30"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.662Z",
"datePublic": "2024-01-05T14:56:04.085Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ModuleInvoke class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21624."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:38.394Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1813",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1813/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b"
}
],
"source": {
"lang": "en",
"value": "Nguyen Quoc Viet (Petrus Viet) of VNG Security Researcher"
},
"title": "Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50218",
"datePublished": "2024-05-03T02:14:38.394Z",
"dateReserved": "2023-12-05T16:15:17.542Z",
"dateUpdated": "2024-08-02T22:09:49.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39477 (GCVE-0-2023-39477)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability
Summary
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20499.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://inductiveautomation.com/downloads/release… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.24
|
|
| inductiveautomation | ignition |
Affected:
8.1.24
cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:8.1.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T15:47:53.751712Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T17:35:42.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1050",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1050/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://inductiveautomation.com/downloads/releasenotes/8.1.33"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.24"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.510Z",
"datePublic": "2023-08-08T14:49:31.561Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20499."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:42.854Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1050",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1050/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://inductiveautomation.com/downloads/releasenotes/8.1.33"
}
],
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Vens, Sharon Brizinov"
},
"title": "Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39477",
"datePublished": "2024-05-03T02:10:42.854Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39476 (GCVE-0-2023-39476)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:10 – Updated: 2024-08-02 18:10
VLAI
Title
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
Summary
Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20291.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Inductive Automation | Ignition |
Affected:
8.1.25
|
|
| inductiveautomation | ignition |
Affected:
8.1.22 , < 8.1.35
(custom)
cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
Date Public
2023-08-08 14:49
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ignition",
"vendor": "inductiveautomation",
"versions": [
{
"lessThan": "8.1.35",
"status": "affected",
"version": "8.1.22",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39476",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T17:03:23.809391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T20:59:53.039Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1046",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1046/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Ignition",
"vendor": "Inductive Automation",
"versions": [
{
"status": "affected",
"version": "8.1.25"
}
]
}
],
"dateAssigned": "2023-08-02T21:44:31.504Z",
"datePublic": "2023-08-08T14:49:12.720Z",
"descriptions": [
{
"lang": "en",
"value": "Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the JavaSerializationCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20291."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:10:42.122Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1046",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1046/"
}
],
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) and Steven Seeley (mr_me) of Incite Team"
},
"title": "Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39476",
"datePublished": "2024-05-03T02:10:42.122Z",
"dateReserved": "2023-08-02T21:37:23.124Z",
"dateUpdated": "2024-08-02T18:10:20.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}