CVE-2020-10644

The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to 7.9.14, allowing an attacker to obtain sensitive information...

EUVD-2020-4316

Malware in sbrugna...

CVE-2020-10641

An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway versions prior to 8.0.10, causing a denial-of-service condition...

CVE-2020-12000

The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to...

Deserialization of untrusted data

The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to...

CVE-2020-12000

CVE-2020-12000 affects Inductive Automation Ignition Gateway products: Ignition 8 Gateway versions before 8.0.10 and Ignition 7 Gateway versions before 7.9.14. The issue arises from improper validation of user-supplied data, enabling deserialization of untrusted data via serialized-data handling ...

CVE-2020-10644

The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to 7.9.14, allowing an attacker to obtain sensitive information...

CVE-2020-10644

CVE-2020-10644 affects Inductive Automation Ignition Gateway; root cause is improper validation that allows deserialization of untrusted data. Affected: Ignition 8.x (prior to 8.0.10) and Ignition 7.x (prior to 7.9.14). Impact documented as sensitive information disclosure. Public references note...

Race condition

An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway versions prior to 8.0.10, causing a denial-of-service condition...

CVE-2020-10641

An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway versions prior to 8.0.10, causing a denial-of-service condition...

CVE-2020-10641

The CVE-2020-10641 issue affects Ignition 8 Gateway (Perspective Module) prior to 8.0.10, where an unprotected logging route can write unlimited log statements to the database, consuming disk space and causing a denial-of-service. Root cause: improper access controls allowing unauthenticated, net...

Inductive Automation Ignition

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Inductive Automation Equipment: Ignition 8 Gateway Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to write endless...