Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Apr 16, 2025
Rockwell Automation Connected Components Workbench Deserialization of Untrusted Data
CVE-2021-27475
Description
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=12.00.00+ 1 more
- (no CPE)range: <=12.00.00
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435mitrex_refsource_CONFIRM
- www.cisa.gov/uscert/ics/advisories/icsa-21-133-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.