Inductive Automation Ignition
Monitor · 6.4 · ICS-CERT ICSA-25-352-01 · Dec 18, 2025
Attack Vector: Adjacent
Auth Required: High
Complexity: High
User Interaction: None needed
Summary
This vulnerability in Ignition allows an attacker with high privileges and administrative access to the Ignition Gateway to gain direct SYSTEM-level code execution on the Windows operating system. Successful exploitation grants the attacker unrestricted control of the host and any industrial processes managed by the gateway. The vulnerability affects Ignition versions 8.1.x and 8.3.x on Windows systems.
What this means
What could happen
An attacker with high privileges on the Ignition Gateway could execute arbitrary code with SYSTEM-level access on Windows, allowing them to seize control of the industrial control system and alter or stop critical operations.
Who's at risk
This affects organizations using Inductive Automation Ignition 8.1.x or 8.3.x on Windows servers. Manufacturing plants, water utilities, power systems, and other industrial operations relying on Ignition for process control, SCADA visualization, or data acquisition should assess their exposure. Any facility running these versions is at risk if administrative access controls are weak.
How it could be exploited
An attacker with high-level privileges and administrative access to the Ignition Gateway system could exploit this vulnerability to escalate privileges and execute arbitrary commands with SYSTEM-level permissions on the Windows operating system hosting the Ignition service. This would allow direct control over the host and any connected industrial processes.
Prerequisites
- High privilege/administrative credentials on the Ignition Gateway
- Local or network access to the Ignition Gateway service
- Windows operating system running the Ignition service
- High privilege required for exploitation
- No patch available
- SYSTEM-level code execution possible
- Affects Windows-based industrial gateways
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product: Ignition: 8.1.x|8.3.x
Affected Versions: 8.1.x|8.3.x
Fix Status: No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Enforce strong access controls and monitor for unauthorized administrative access to Ignition systems
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
WORKAROUND: Monitor Inductive Automation's Trust Portal regularly for security updates and patches
Mitigations - no patch available
Ignition: 8.1.x|8.3.x has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to restrict access to Ignition Gateway systems to authorized engineering and operations staff only
CVEs (1)