What is the severity of CVE-2021-27470?

CVE-2021-27470 has been classified as a high severity vulnerability due to its potential to allow remote command execution.

How do I fix CVE-2021-27470?

To mitigate CVE-2021-27470, it is recommended to update Rockwell Automation FactoryTalk AssetCentre to a version later than v10.00.

Can CVE-2021-27470 be exploited remotely?

Yes, CVE-2021-27470 can be exploited by remote, unauthenticated attackers.

What type of vulnerability is CVE-2021-27470?

CVE-2021-27470 is a deserialization vulnerability that affects the verification of serialized data.

Vulnerability/
CVE-2021-27470

critical

CWE

502

23/3/2022

3/8/2024

CVE-2021-27470: Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data

Q: What systems are affected by CVE-2021-27470?

CVE-2021-27470 affects Rockwell Automation FactoryTalk AssetCentre version 10.00 and earlier.

First published: Wed Mar 23 2022(Updated: )

A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Rockwell Automation FactoryTalk AssetCentre
rockwellautomation FactoryTalk AssetCentre	<=10.00

Remedy

Rockwell Automation encourages users of the affected versions of FactoryTalk AssetCentre to update to AssetCentre v11 (or above) to addresses these vulnerabilities. For more information about these vulnerabilities and mitigations please see Rockwell Automation’s publication KnowledgeBase ID: PN1559

Remedy

As an additional mitigation, Rockwell Automation encourages users who are unable to upgrade or are concerned about unauthorized client connections to use built in security features found within FactoryTalk AssetCentre. Users should follow guidance found in QA46277. IPsec would minimize exposure to unauthorized clients and has been tested in FactoryTalk AssetCentre v9-v11

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-21-091-01

Frequently Asked Questions

What is the severity of CVE-2021-27470?
CVE-2021-27470 has been classified as a high severity vulnerability due to its potential to allow remote command execution.
How do I fix CVE-2021-27470?
To mitigate CVE-2021-27470, it is recommended to update Rockwell Automation FactoryTalk AssetCentre to a version later than v10.00.
What systems are affected by CVE-2021-27470?
CVE-2021-27470 affects Rockwell Automation FactoryTalk AssetCentre version 10.00 and earlier.
Can CVE-2021-27470 be exploited remotely?
Yes, CVE-2021-27470 can be exploited by remote, unauthenticated attackers.
What type of vulnerability is CVE-2021-27470?
CVE-2021-27470 is a deserialization vulnerability that affects the verification of serialized data.

agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/title
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/trending
agent/source
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/rockwell automation
canonical/rockwell automation factorytalk assetcentre
vendor/rockwellautomation
canonical/rockwellautomation factorytalk assetcentre
version/rockwellautomation factorytalk assetcentre/10.00

Frequently Asked Questions

What is the severity of CVE-2021-27470?
CVE-2021-27470 has been classified as a high severity vulnerability due to its potential to allow remote command execution.
How do I fix CVE-2021-27470?
To mitigate CVE-2021-27470, it is recommended to update Rockwell Automation FactoryTalk AssetCentre to a version later than v10.00.
What systems are affected by CVE-2021-27470?
CVE-2021-27470 affects Rockwell Automation FactoryTalk AssetCentre version 10.00 and earlier.
Can CVE-2021-27470 be exploited remotely?
Yes, CVE-2021-27470 can be exploited by remote, unauthenticated attackers.
What type of vulnerability is CVE-2021-27470?
CVE-2021-27470 is a deserialization vulnerability that affects the verification of serialized data.

CVE-2021-27470: Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-27470?

How do I fix CVE-2021-27470?

What systems are affected by CVE-2021-27470?

Can CVE-2021-27470 be exploited remotely?

What type of vulnerability is CVE-2021-27470?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2021-27470?

How do I fix CVE-2021-27470?

What systems are affected by CVE-2021-27470?

Can CVE-2021-27470 be exploited remotely?

What type of vulnerability is CVE-2021-27470?