CVE-2025-13913 is a medium-severity issue in Inductive Automation Ignition Software <8.3.0 where a privileged user importing an external file can trigger embedded malicious code during deserialization. CISA published the advisory on 2026-03-12 and issued a minor revision on 2026-03-13 to correct a reference typo. The supplied CVSS 3.1 vector is AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H, reflecting a prerequisit [truncated]
MEDIUMInductive AutomationCVE published 2025-12-18
CVE-2025-13911 is a medium-severity vulnerability (CVSS 6.4) in Inductive Automation Ignition SCADA applications that use Python scripting. Published on December 18, 2025, the issue stems from insufficient security controls restricting Python library imports and execution within the scripting environment. The root cause is the Ignition service account possessing excessive system permissions beyond what pr [truncated]