CVE-2021-27475 – Rockwell Automation Connected Components Workbench Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2021-27475
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-133-01
• CWE-502: Deserialization of Untrusted Data
CVE-2021-27471 – Rockwell Automation Connected Components Workbench Path Traversal
https://notcve.org/view.php?id=CVE-2021-27471
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions as the Connected Components Workbench software. User interaction is required for this exploit to be successful.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-133-01
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-27473 – Rockwell Automation Connected Components Workbench Improper Input Validation
https://notcve.org/view.php?id=CVE-2021-27473
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin-level privileges. User interaction is required for this exploit to be successful.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-133-01
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-27476 – Rockwell Automation FactoryTalk AssetCentre OS Command Injection
https://notcve.org/view.php?id=CVE-2021-27476
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier.
• https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-27470 – Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2021-27470
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.
• https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01
• CWE-502: Deserialization of Untrusted Data