CVE-2023-50223 – Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-50223
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExtendedDocumentCodec class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://security.inductiveautomation.com/?tcuUid=fc4c4515-046d-4365-b688-693337449c5b https://www.zerodayinitiative.com/advisories/ZDI-24-018 • CWE-502: Deserialization of Untrusted Data •
CVE-2022-1704 – Inductive Automation Ignition
https://notcve.org/view.php?id=CVE-2022-1704
Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. Debido a una vulnerabilidad de tipo XML external entity, el software analiza XML en la funcionalidad backup/restore sin banderas de seguridad XML, lo que puede conllevar a un ataque de tipo XXE al restaurar la copia de seguridad • https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-01 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2022-36126
https://notcve.org/view.php?id=CVE-2022-36126
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script. Se ha detectado un problema en Inductive Automation Ignition versiones anteriores a 7.9.20 y versiones 8.x anteriores a 8.1.17. La función ScriptInvoke permite a atacantes remotos ejecutar código arbitrario mediante el suministro de un script de Python • https://github.com/sourceincite/randy https://srcincite.io/advisories/src-2022-0014 https://support.inductiveautomation.com/hc/en-us/articles/7625759776653 • CWE-863: Incorrect Authorization •
CVE-2022-35890
https://notcve.org/view.php?id=CVE-2022-35890
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were generated in the past and then hijack sessions assigned to these IDs via Randy. Se ha detectado un problema en Inductive Automation Ignition versiones anteriores a 7.9.20 y versiones 8.x anteriores a 8.1.17. Los identificadores de sesión de los clientes Designer y Vision son manejados de forma inapropiada. • https://github.com/sourceincite/randy https://support.inductiveautomation.com/hc/en-us/articles/7625759776653 • CWE-863: Incorrect Authorization •
CVE-2022-1706 – ignition: configs are accessible from unprivileged containers in VMs running on VMware products
https://notcve.org/view.php?id=CVE-2022-1706
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config. Se ha encontrado una vulnerabilidad en Ignition en la que las configuraciones de encendido son accesibles desde contenedores no privilegiados en máquinas virtuales que son ejecutados en productos VMware. • https://bugzilla.redhat.com/show_bug.cgi?id=2082274 https://github.com/coreos/ignition/commit/4b70b44b430ecf8377a276e89b5acd3a6957d4ea https://github.com/coreos/ignition/issues/1300 https://github.com/coreos/ignition/issues/1315 https://github.com/coreos/ignition/pull/1350 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LY7LKGMQMXV6DGD263YQHNSLOJJ5VLV5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NP765L7TJI7CD4XVOHUWZVRYRH3FYBOR https:/& • CWE-863: Incorrect Authorization •