What is the severity of CVE-2021-27462?

CVE-2021-27462 is considered critical due to its potential for remote code execution by unauthenticated attackers.

How do I fix CVE-2021-27462?

To remediate CVE-2021-27462, upgrade to the latest version of Rockwell Automation FactoryTalk AssetCentre that addresses this vulnerability.

Can CVE-2021-27462 be exploited remotely?

Yes, CVE-2021-27462 can be exploited remotely without authentication.

What kind of attack does CVE-2021-27462 enable?

CVE-2021-27462 enables attackers to execute arbitrary commands on the affected system.

Vulnerability/
CVE-2021-27462

critical

CWE

502

23/3/2022

3/8/2024

CVE-2021-27462: Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data

Q: What software is affected by CVE-2021-27462?

CVE-2021-27462 affects Rockwell Automation FactoryTalk AssetCentre versions 10.00 and earlier.

First published: Wed Mar 23 2022(Updated: )

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Rockwell Automation FactoryTalk AssetCentre
rockwellautomation FactoryTalk AssetCentre	<=10.00

Remedy

Rockwell Automation encourages users of the affected versions of FactoryTalk AssetCentre to update to AssetCentre v11 (or above) to addresses these vulnerabilities. For more information about these vulnerabilities and mitigations please see Rockwell Automation’s publication KnowledgeBase ID: PN1559

Remedy

As an additional mitigation, Rockwell Automation encourages users who are unable to upgrade or are concerned about unauthorized client connections to use built in security features found within FactoryTalk AssetCentre. Users should follow guidance found in QA46277. IPsec would minimize exposure to unauthorized clients and has been tested in FactoryTalk AssetCentre v9-v11

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-21-091-01

Frequently Asked Questions

What is the severity of CVE-2021-27462?
CVE-2021-27462 is considered critical due to its potential for remote code execution by unauthenticated attackers.
How do I fix CVE-2021-27462?
To remediate CVE-2021-27462, upgrade to the latest version of Rockwell Automation FactoryTalk AssetCentre that addresses this vulnerability.
What software is affected by CVE-2021-27462?
CVE-2021-27462 affects Rockwell Automation FactoryTalk AssetCentre versions 10.00 and earlier.
Can CVE-2021-27462 be exploited remotely?
Yes, CVE-2021-27462 can be exploited remotely without authentication.
What kind of attack does CVE-2021-27462 enable?
CVE-2021-27462 enables attackers to execute arbitrary commands on the affected system.

agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/title
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/trending
agent/source
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/rockwell automation
canonical/rockwell automation factorytalk assetcentre
vendor/rockwellautomation
canonical/rockwellautomation factorytalk assetcentre
version/rockwellautomation factorytalk assetcentre/10.00

Frequently Asked Questions

What is the severity of CVE-2021-27462?
CVE-2021-27462 is considered critical due to its potential for remote code execution by unauthenticated attackers.
How do I fix CVE-2021-27462?
To remediate CVE-2021-27462, upgrade to the latest version of Rockwell Automation FactoryTalk AssetCentre that addresses this vulnerability.
What software is affected by CVE-2021-27462?
CVE-2021-27462 affects Rockwell Automation FactoryTalk AssetCentre versions 10.00 and earlier.
Can CVE-2021-27462 be exploited remotely?
Yes, CVE-2021-27462 can be exploited remotely without authentication.
What kind of attack does CVE-2021-27462 enable?
CVE-2021-27462 enables attackers to execute arbitrary commands on the affected system.

CVE-2021-27462: Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-27462?

How do I fix CVE-2021-27462?

What software is affected by CVE-2021-27462?

Can CVE-2021-27462 be exploited remotely?

What kind of attack does CVE-2021-27462 enable?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2021-27462?

How do I fix CVE-2021-27462?

What software is affected by CVE-2021-27462?

Can CVE-2021-27462 be exploited remotely?

What kind of attack does CVE-2021-27462 enable?