CVE-2021-27460

Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data

CVSS 10 CRITICALEPSS 3.1%CWE-502

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 10EPSS 3.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

23 Mar 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H

Affected products

Rockwell Automation · FactoryTalk AssetCentre

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831 https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01