Inductiveautomation

Ignition

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-39476

  • EPSS 2.34%
  • Veröffentlicht 03.05.2024 03:15:13
  • Zuletzt bearbeitet 12.03.2025 14:28:02

Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignitio...

9.8

CVE-2023-39475

  • EPSS 2.34%
  • Veröffentlicht 03.05.2024 03:15:13
  • Zuletzt bearbeitet 13.03.2025 21:48:02

Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Au...

8.8

CVE-2023-39474

  • EPSS 1.05%
  • Veröffentlicht 03.05.2024 03:15:13
  • Zuletzt bearbeitet 13.03.2025 21:47:43

Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required t...

8.8

CVE-2023-39473

  • EPSS 29.9%
  • Veröffentlicht 03.05.2024 03:15:13
  • Zuletzt bearbeitet 13.03.2025 21:46:53

Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Igniti...

6.5

CVE-2023-39472

  • EPSS 0.53%
  • Veröffentlicht 03.05.2024 03:15:13
  • Zuletzt bearbeitet 13.03.2025 21:45:35

Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition...

8.8

CVE-2023-38124

  • EPSS 53.76%
  • Veröffentlicht 03.05.2024 03:15:10
  • Zuletzt bearbeitet 13.03.2025 21:45:10

Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation I...

7.2

CVE-2023-38122

  • EPSS 0.57%
  • Veröffentlicht 03.05.2024 02:15:56
  • Zuletzt bearbeitet 12.03.2025 14:36:42

Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Alt...

8.8

CVE-2023-38123

  • EPSS 0.3%
  • Veröffentlicht 03.05.2024 02:15:56
  • Zuletzt bearbeitet 13.03.2025 21:44:04

Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation ...

9

CVE-2023-38121

  • EPSS 1.73%
  • Veröffentlicht 03.05.2024 02:15:56
  • Zuletzt bearbeitet 12.03.2025 14:32:50

Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interact...

9.8

CVE-2022-1704

  • EPSS 0.28%
  • Veröffentlicht 05.08.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 06:41:17

Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup.