CVE-2025-13911
Python Script Execution Vulnerability in Ignition SCADA Grants SYSTEM Access
Publication date: 2025-12-18
Last updated on: 2025-12-18
Assigner: ICS-CERT
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| inductive_automation | ignition | 4.0 |
| inductive_automation | ignition | 3.1 |
| inductive_automation | ignition | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-250 | The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Ignition SCADA applications that use Python scripting for automation. It occurs because there are no proper security controls restricting which Python libraries can be imported and executed. An authenticated administrator can upload a malicious project file containing Python scripts with bind shell capabilities. These scripts run with the same SYSTEM-level permissions as the Ignition Gateway process on Windows, allowing potentially dangerous code execution.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized code execution with SYSTEM-level privileges on the affected system. This means an attacker could execute arbitrary commands, potentially taking full control of the system, leading to data compromise, disruption of operations, or further exploitation within the network.