CVE-2022-1704 – Inductive Automation Ignition
https://notcve.org/view.php?id=CVE-2022-1704
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. Debido a una vulnerabilidad de tipo XML external entity, el software analiza XML en la funcionalidad backup/restore sin banderas de seguridad XML, lo que puede conllevar a un ataque de tipo XXE al restaurar la copia de seguridad • https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-01 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2022-1264 – Inductive Automation Ignition
https://notcve.org/view.php?id=CVE-2022-1264
The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code. El producto afectado puede permitir a un atacante con acceso a la configuración web de Ignition ejecutar código arbitrario • https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-03 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-36126
https://notcve.org/view.php?id=CVE-2022-36126
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. Se ha detectado un problema en Inductive Automation Ignition versiones anteriores a 7.9.20 y versiones 8.x anteriores a 8.1.17. La función ScriptInvoke permite a atacantes remotos ejecutar código arbitrario mediante el suministro de un script de Python • https://github.com/sourceincite/randy https://srcincite.io/advisories/src-2022-0014 https://support.inductiveautomation.com/hc/en-us/articles/7625759776653 • CWE-863: Incorrect Authorization •
CVE-2022-35890
https://notcve.org/view.php?id=CVE-2022-35890
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. Se ha detectado un problema en Inductive Automation Ignition versiones anteriores a 7.9.20 y versiones 8.x anteriores a 8.1.17. Los identificadores de sesión de los clientes Designer y Vision son manejados de forma inapropiada. • https://github.com/sourceincite/randy https://support.inductiveautomation.com/hc/en-us/articles/7625759776653 • CWE-863: Incorrect Authorization •
CVE-2022-35871 – Inductive Automation Ignition Missing Authentication for Critical Function Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35871
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from the lack of authentication prior to allowing the execution of python code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://support.inductiveautomation.com/hc/en-us/articles/7625759776653-Regarding-Pwn2Own-2022-Vulnerabilities https://www.zerodayinitiative.com/advisories/ZDI-22-1018 • CWE-306: Missing Authentication for Critical Function •