CVE-2021-27473

Rockwell Automation Connected Components Workbench Improper Input Validation

CVSS 6.1 MEDIUMEPSS 0.8%CWE-22

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.1EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

23 Mar 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Affected products

Rockwell Automation · Connected Components Workbench

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435 https://www.cisa.gov/uscert/ics/advisories/icsa-21-133-01