Python Scripting Vulnerability in Ignition SCADA Applications by Inductive Automation
CVE-2025-13911

7.3 HIGH

Key Information:

Status
Vendor
CVE Published: 18 December 2025

What is CVE-2025-13911?

CVE-2025-13911 affects Ignition SCADA applications that use Python scripting for automation. It results from inadequate security controls that allow unrestricted import and execution of Python libraries. The issue becomes critical when the Ignition service account has excessive system permissions, because this enables the execution of malicious project files uploaded by authenticated administrators. These files can contain Python scripts designed to open a bind shell, and the scripts execute with the same privileges as the Ignition Gateway process, which typically runs with SYSTEM-level permissions on Windows. Alternative execution patterns may similarly exploit this vulnerability.

Affected Version(s)

Ignition 8.1.x

Ignition 8.3.x

CVSS V4

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: High
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Momen Eldawakhly of Samurai Digital Security Ltd reported this vulnerability to CISA.