CVE-2023-38122

Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit thi...

CVE-2023-38123

Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition. User interaction is required to explo...

CVE-2023-38121

Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability i...

CVE-2023-50233 Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability

Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in...

CVE-2023-50233 Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability

Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in...

CVE-2023-50233

CVE-2023-50233 concerns Inductive Automation Ignition, specifically the getJavaExecutable directory traversal vulnerability. The flaw stems from inadequate validation of a user-supplied path before performing file operations, enabling an attacker to execute arbitrary code in the context of the cu...

CVE-2023-50232 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the...

CVE-2023-50232 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the...

CVE-2023-50232

CVE-2023-50232 exposes a remote code execution in Inductive Automation Ignition via a getParams argument injection. The flaw stems from insufficient validation of a user-supplied string used to form a system-call argument, allowing code execution in the context of the current user. Exploitation r...

CVE-2023-50223 Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-50223

Inductive Automation Ignition is affected. The ExtendedDocumentCodec deserialization flaw stems from inadequate validation of untrusted input, enabling remote code execution with SYSTEM privileges. Authentication is required to exploit. No explicit patch/version details are provided here; refer t...

CVE-2023-50223 Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-50222

CVE-2023-50222 concerns Inductive Automation Ignition’s ResponseParser Notification: deserialization of untrusted data enables remote code execution. The flaw stems from insufficient validation of user-supplied data in the ResponseParser method, allowing an attacker to execute code in the context...

CVE-2023-50222 Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit...

CVE-2023-50222 Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit...

CVE-2023-50221 Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to...

CVE-2023-50221

CVE-2023-50221 affects Inductive Automation Ignition: the deserialization flaw in the ResponseParser’s SerializedResponse allows remote code execution. The issue stems from insufficient validation of untrusted data, enabling code execution in the attacker’s context after a target connects to a ma...

CVE-2023-50219

CVE-2023-50219 affects Inductive Automation Ignition, specifically the RunQuery deserialization pathway. The flaw permits deserialization of untrusted data due to inadequate validation in the RunQuery class, enabling remote code execution with SYSTEM privileges. Authentication is required to expl...

CVE-2023-50220 Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-50220 Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability

Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...