Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
- http://packetstormsecurity.com/files/158226/Inductive-Automation-Ignition-Remote-Code-Execution.html
- https://github.com/AlexielArdilla/Ethical-Hacking-y-ciberdelito
- https://github.com/PalindromeLabs/Java-Deserialization-CVEs