CVE-2021-27472
published 2022-03-23CVE-2021-27472: A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow…
PriorityP268critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.32%
91.6th percentile
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | factorytalk_assetcentre | unspecified – v10.00 | — |
| rockwellautomation | factorytalk_assetcentre | <= 10.00 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation FactoryTalk AssetCentre
cisa_ics·2021-04-01·CVSS 10.0
[CRITICAL] Rockwell Automation FactoryTalk AssetCentre
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Rockwell Automation FactoryTalk AssetCentre
Last RevisedApril 01, 2021
Alert CodeICSA-21-091-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Rockwell Automation
- Equipment: FactoryTalk AssetCentre
- Vulnerabilities: OS Command Injection, Deserialization of Untrusted Data, SQL Injection, Improperly Restricted Functions
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow unauthenticated attackers to perform arbitrary command execution, SQL injection, or remote code execution.
## 3. TEC
GHSA
GHSA-h3rx-5ggg-649j: A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10
ghsa_unreviewed·2022-03-24
CVE-2021-27472 [CRITICAL] CWE-89 GHSA-h3rx-5ggg-649j: A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01
2022-03-23
Published