Filtered by vendor Rockwellautomation
Subscriptions
Filtered by product Factorytalk Assetcentre
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27476 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. | ||||
| CVE-2021-27474 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. | ||||
| CVE-2021-27472 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements. | ||||
| CVE-2021-27470 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | ||||
| CVE-2021-27468 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. | ||||
| CVE-2021-27466 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | ||||
| CVE-2021-27464 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. | ||||
| CVE-2021-27462 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | ||||
| CVE-2021-27460 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-11-21 | 10 Critical |
| Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines. | ||||
Page 1 of 1.