Unrated severityNVD Advisory· Published Mar 23, 2022· Updated Apr 16, 2025
Rockwell Automation FactoryTalk AssetCentre OS Command Injection
CVE-2021-27476
Description
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=10.00+ 1 more
- (no CPE)range: <=10.00
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspxmitrex_refsource_CONFIRM
- www.cisa.gov/uscert/ics/advisories/icsa-21-091-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.