The version of Inductive Automation Ignition running on the remote host is affected by multiple vulnerabilities :
A denial of service (DoS) vulnerability exists due to an unprotected logging route when the Perspective Module is running. An unauthenticated, remote attacker can exploit this, via a series of specially crafted messages, to write endless log statements into the database without space limits, which can results in consuming the entire available hard-disk space.
(CVE-2020-10641)
A deserialization vulnerability exists due to the lack of proper validation of user-supplied data. An unauthenticated, remote attacker can exploit this to execute arbitrary code in the context of SYSTEM. (CVE-2020-10644, CVE-2020-12000)
An information disclosure vulnerability exists in the getDiffs method of the com.inductiveautomation.ignition.gateway.servlets. gateway.functions.ProjectDownload class due to the lack of proper authentication required to query the server. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information. (CVE-2020-12004)
Binary data scada_inductive_automation_ignition_8_0_10.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
inductiveautomation | ignition | cpe:/a:inductiveautomation:ignition |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12004
www.us-cert.gov/ics/advisories/icsa-20-112-01
www.us-cert.gov/ics/advisories/icsa-20-147-01