CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2021-27474

CVSS 10.0v3.1pub. 2022-03-23upd. 2024-11-21

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
  • Rockwellautomation Factorytalk Assetcentre

    APP
    Rockwellautomation
    ≀ 10.00
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2025-0477CRITICAL9.3PL βœ“ten sam produkt

SΕ‚abe szyfrowanie haseΕ‚ w Rockwell Automation FactoryTalk AssetCentre

CVE-2021-27464CRITICAL10.0ten sam produkt

The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes funct...

CVE-2021-27466CRITICAL10.0ten sam produkt

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTal...

CVE-2021-27468CRITICAL10.0ten sam produkt

The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions...

CVE-2021-27462CRITICAL10.0ten sam produkt

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk As...

CVE-2021-27474 β€” Rockwellautomation β€” Factorytalk Assetcentre β€” CRITICAL β€” CVSS 10.0 | CVEbaza.pl