Hi all,
Ignition 8.3.4 comes bundled with Azul Zulu Java 17.62.18 from what I understand. Our security scans picked up several possible vulnerabilities in this version and our IT-Security departments advised us to upgrade. As this effects all gateways and all clients with designer installed, a manual replacement on all machines with the config edits described here Upgrading Zulu OpenJDK for the Designer - Ignition - Inductive Automation Forum would be extremely time consuming.
The reported CVEs are CVE-2025-6052, CVE-2025-6021, CVE-2025-7425, CVE-2025-43368, and CVE-2025-47219. I couldn't find any information on these CVEs in Inductive Automation Trust Center.
Could you please point me to resources on how to mitigate these vulnerabilities?
Thank you