Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Apr 16, 2025
Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
CVE-2021-27470
Description
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=10.00+ 1 more
- (no CPE)range: <=10.00
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspxmitrex_refsource_CONFIRM
- www.cisa.gov/uscert/ics/advisories/icsa-21-091-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.