CVE-2021-27462

Publication date

2022-03-23 19:46:30

Family

icscert

State

PUBLISHED

Description

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.