Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Apr 16, 2025
Rockwell Automation FactoryTalk AssetCentre SQL Injection
CVE-2021-27468
Description
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=10.00+ 1 more
- (no CPE)range: <=10.00
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspxmitrex_refsource_CONFIRM
- www.cisa.gov/uscert/ics/advisories/icsa-21-091-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.