Lucene search
MitreCVE-2022-36126HistoryJul 16, 2022 - 7:15 p.m.
CVE-2022-36126
2022-07-1619:15:08
CWE-863
mitre
web.nvd.nist.gov
41
8
inductive automation
ignition
cve-2022-36126
scriptinvoke
remote code execution
python
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.017
Percentile
87.9%
An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script.
Affected configurations
Node
inductiveautomationignitionRange<7.9.20
ORinductiveautomationignitionRange8.0.1–8.1.17
| Vendor | Product | Version | CPE |
|---|---|---|---|
| inductiveautomation | ignition | * | cpe:2.3:a:inductiveautomation:ignition:*:*:*:*:*:*:*:* |
References
Social References
More
Related
srcincite
srcincite
prion
prion
Code injection
2022-07-16 19:15:00
cvelist
cvelist
CVE-2022-36126
2022-07-16 18:59:46
nvd
nvd
CVE-2022-36126
2022-07-16 19:15:08
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.017
Percentile
87.9%
Related for CVE-2022-36126