Vulnerabilities > Inductiveautomation

DATE CVE VULNERABILITY TITLE RISK
2022-07-25 CVE-2022-35870 Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition 8.1.15
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114).
local
low complexity
inductiveautomation CWE-502
7.8
2022-07-25 CVE-2022-35871 Unspecified vulnerability in Inductiveautomation Ignition 8.1.15
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114).
local
low complexity
inductiveautomation
7.8
2022-07-25 CVE-2022-35872 Unspecified vulnerability in Inductiveautomation Ignition 8.1.15
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114).
local
low complexity
inductiveautomation
7.8
2022-07-25 CVE-2022-35873 Unspecified vulnerability in Inductiveautomation Ignition 8.1.15
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114).
local
low complexity
inductiveautomation
7.8
2022-07-20 CVE-2022-1264 Unspecified vulnerability in Inductiveautomation Ignition
The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.
network
low complexity
inductiveautomation
8.8
2022-07-16 CVE-2022-36126 Incorrect Authorization vulnerability in Inductiveautomation Ignition
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17.
network
low complexity
inductiveautomation CWE-863
7.2
2022-07-15 CVE-2022-35890 Incorrect Authorization vulnerability in Inductiveautomation Ignition
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17.
network
low complexity
inductiveautomation CWE-863
critical
9.8
2022-04-01 CVE-2020-14479 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition
Sensitive information can be obtained through the handling of serialized data.
network
low complexity
inductiveautomation CWE-306
5.3
2020-07-31 CVE-2020-14520 Missing Authorization vulnerability in Inductiveautomation Ignition Gateway
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).
network
low complexity
inductiveautomation CWE-862
7.5
2020-06-09 CVE-2020-12004 Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Gateway
The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
network
low complexity
inductiveautomation CWE-306
7.5