PT-2021-7290 · Rockwell Automation · Rockwell Automation Connected Components Workbench

Mashav Sapir · Published 2021-05-13 · Updated 2022-03-29 · CVE-2021-27471

CVSS v3.1: 8.6 High

Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Connected Components Workbench versions prior to 12.00.00

Description: The issue is related to the parsing mechanism of certain file types, which lacks input sanitization for file paths. This could allow an attacker to create malicious files that can traverse the file system when opened, potentially overwriting existing files and creating new ones with the same permissions as the software. Exploitation requires user interaction.

Recommendations: For versions prior to 12.00.00, consider restricting access to file system operations until a patch is available. As a temporary workaround, avoid opening files from untrusted sources to minimize the risk of exploitation.

Fix

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2022-05265
CVE-2021-27471

Affected Products

Rockwell Automation Connected Components Workbench