CVE-2023-50223: 
Inductive Automation Ignition vulnerability analysis and mitigation

The vulnerability (CVE-2023-50223) affects Inductive Automation Ignition's ExtendedDocumentCodec class. It was discovered by Andy Niu of Trend Micro Security Research and publicly disclosed on January 5th, 2024. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition through deserialization of untrusted data (ZDI Advisory).

The vulnerability exists within the ExtendedDocumentCodec class and stems from improper validation of user-supplied data, which can result in deserialization of untrusted data. The vulnerability has been assigned a CVSS score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity. Authentication is required to exploit this vulnerability (ZDI Advisory).

Successful exploitation of this vulnerability allows an authenticated attacker to execute arbitrary code in the context of SYSTEM on affected Ignition installations. This gives attackers the highest level of system access, potentially compromising the entire system (ZDI Advisory).

Inductive Automation has released an update to address this vulnerability. Users are recommended to upgrade to the latest version of Ignition. Additionally, following the Ignition Security Hardening Guide is recommended, particularly regarding proper network segmentation, keeping the environment up to date, and working with trusted files and systems (Inductive Security).