cbcvebase.
CVE-2022-1264
published 2022-07-20

CVE-2022-1264: The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.

PriorityP354high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.82%
52.6th percentile
The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.

Affected

5 ranges
VendorProductVersion rangeFixed in
github.comflipped-aurora_gin-vue-admin_server>= 0 < 2.5.42.5.4
inductive_automationignition
inductive_automationignition>= 8.0.4 < All 8.0 versions*All 8.0 versions*
inductiveautomationignition>= 8.0.4 < 8.1.108.1.10
msrcmicrosoft_edge

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.