CVE-2021-27464

Name of the Vulnerable Software and Affected Versions FactoryTalk AssetCentre versions prior to 10.00

Description The issue concerns the ArchiveService.rem service, which exposes functions without proper authentication, potentially allowing a remote, unauthenticated attacker to execute arbitrary SQL statements.

Recommendations For versions prior to 10.00, consider restricting access to the ArchiveService.rem service until a patch is available. As a temporary workaround, limiting the exposure of this service can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.