CVE-2023-50219

CVE-2023-50219 affects Inductive Automation Ignition, specifically the RunQuery deserialization pathway. The flaw permits deserialization of untrusted data due to inadequate validation in the RunQuery class, enabling remote code execution with SYSTEM privileges. Authentication is required to expl...

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface, and more. A security vulnerability exists in Inductive Automation Ignition that stem...

The vulnerability of the RunQuery class in industrial automation software, Inductive Automation Ignition, allows a perpetrator to execute arbitrary code.

The vulnerability of Inductive Automation Ignition’s software for industrial automation lies in the shortcomings of its deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the RunQuery class. The issue results from the lack of proper validation of...