CVE-2020-12004

HIGH

Ignition Gateway < 7.9.14 - Unauthenticated Sensitive Information Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-12004. Includes Metasploit module exploits/multi/scada/inductive_ignition_rce.

AI-analyzed exploit summary This Metasploit module exploits a Java deserialization vulnerability in Inductive Automation Ignition SCADA versions 8.0.0 to 8.0.7, allowing unauthenticated remote code execution as SYSTEM on Windows or root on Linux. It uses gadget chains (CommonsBeanutils1 or CommonsCollections6) to achieve RCE via a crafted XML payload sent to the /system/gateway endpoint.

Description

The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.

Exploits (1)

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/scada/inductive_ignition_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits a Java deserialization vulnerability in Inductive Automation Ignition SCADA versions 8.0.0 to 8.0.7, allowing unauthenticated remote code execution as SYSTEM on Windows or root on Linux. It uses gadget chains (CommonsBeanutils1 or CommonsCollections6) to achieve RCE via a crafted XML payload sent to the /system/gateway endpoint.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Inductive Automation Ignition (8.0.0 to 8.0.7)

No auth needed

Prerequisites: Network access to port 8088 · Target running vulnerable version of Inductive Automation Ignition

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 30, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, US Government Resource x_refsource_misc

https://www.us-cert.gov/ics/advisories/icsa-20-147-01

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/158226/Inductive-Automation-Ignition-Remote-Code-Execution.html

Scores

CVSS v3 7.5

EPSS 0.1364

EPSS Percentile 96.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-306

Status published

Products (1)

inductiveautomation/ignition_gateway 7.2.4.48 - 7.9.14

Published Jun 09, 2020

Tracked Since Feb 18, 2026