CVE-2021-27460

Name of the Vulnerable Software and Affected Versions Rockwell Automation FactoryTalk AssetCentre versions 10.00 and earlier

Description The issue concerns .NET remoting endpoints deserializing untrusted data without proper validation, potentially allowing a remote, unauthenticated attacker to gain full access to the main server and all agent machines.

Recommendations For versions 10.00 and earlier, consider disabling the .NET remoting endpoints as a temporary workaround until a patch is available. Restrict access to the FactoryTalk AssetCentre main server and agent machines to minimize the risk of exploitation.