QID 590835
Date Published: 2022-05-02
QID 590835: Inductive Automation Ignition Code Execution Vulnerability (ICSA-22-102-03)
AFFECTED PRODUCTS
The following versions of Inductive Automation Ignition software are affected:
Inductive Automation Ignition: All 8.0 versions after 8.0.4
Inductive Automation Ignition: All 8.1 versions prior to 8.1.10
QID Detection Logic (Authenticated)
QID checks for the Vulnerable version using windows registry keys
Successful exploitation of this vulnerability could allow an authenticated attacker with network access to execute code by uploading a malicious zip file.
Solution
Customers are advised to refer to CERT MITIGATIONS section ICSA-22-102-03 for affected packages and patching details.
Vendor References
- ICSA-22-102-03 -
www.us-cert.gov/ics/advisories/ICSA-22-102-03
CVEs related to QID 590835
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ICSA-22-102-03 |
|