writeups.xyz / CVE-2023–50220 — Inductive Automation Ignition XML Deserialization to RCE

Submitter : c2a

Date: 10 January 2024

Bounty : undisclosed

Vulnerabilities :

• Insecure Deserialization
• RCE
• Security Code Review

Programs :

• Inductive Automation Ignition

Authors :

• Petrus Viet (@VietPetrus)

Link :
https://petrusviet.medium.com/cve-2023-50220-inductive-automation-ignition-xml-deserialization-to-rce-7b395412c6cf