I know this is pretty new, but is Ignition affected by CVE-2023-5129? Looks like it was a lower score before as a different CVE but is now a 10.
https://nvd.nist.gov/vuln/detail/CVE-2023-5129
Edit:
Another link explaining a bit of history of this CVE and other software affected: https://www.cyberkendra.com/2023/09/webp-0day-google-assign-new-cve-for.html?m=1
I'll bring this up internally, but it does seem that while Ignition itself is not vulnerable, the embedded Chromium browser used in the Designer, Perspective Workstation, and Vision's web browser component may be.
3 Likes
Ok, we're tracking this. Not sure I'll have much of an update until next week some time because ICC is going on this week.
1 Like
berni
July 8, 2024, 2:01pm
4
Hello,
Do you have any update regarding the topic ?
Thank you very much !
The embedded version of Chromium was updated in Ignition 8.1.34.
berni
July 18, 2024, 9:27am
6
Thank you for your reply.
Best regards,