SCADA: Inductive Automation Ignition OPC UA Client Cross-Site Scripting
This signature detects attempts to exploit a known cross-site scripting vulnerability against Inductive Automation Ignition. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
Extended Description
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the Ignition Gateway server. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20541.
Affected Products
Inductiveautomation ignition
References
CVE: CVE-2023-38124
Short Name
SCADA:IGNITION-OPCUA-XSS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SCADA
Keywords
Automation CVE-2023-38124 Client Cross-Site Ignition Inductive OPC Scripting UA
Release Date
01/03/2024
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
Sigpack Version
3791
False Positive
Unknown
Vendors
Inductiveautomation