Details of VAR-202105-1524

ID

VAR-202105-1524

CVE

CVE-2021-27473

TITLE

Rockwell Automation Made Connected Components Workbench Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001430

DESCRIPTION

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. * Deserialization of untrusted data (CWE-502) - CVE-2021-27475 ‥ * Path traversal (CWE-22) - CVE-2021-27471 ‥ * Incorrect input confirmation (CWE-20) - CVE-2021-27473The expected impact depends on each vulnerability, but it may be affected as follows. * When a local user opens a malicious serialized object created by a third party in the product, the code is executed remotely. - CVE-2021-27475 ‥ * When a local user opens a malicious file created by a third party with the corresponding product, the existing file is overwritten or a new file is created with the authority of the corresponding product. - CVE-2021-27471 ‥ * Illegal created by a malicious user .ccwarc By opening the archive file with the corresponding product, the authority of the product is acquired. - CVE-2021-27473. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. An automatic programming software

Trust: 2.25

sources: NVD: CVE-2021-27473 // JVNDB: JVNDB-2021-001430 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-386740

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	connected components workbench	scope:	lte	version:	12.00.00	Trust: 1.0
vendor:	rockwell automation	model:	connected components workbench	scope:	eq	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	connected components workbench	scope:	lte	version:	v12.00.00 and earlier	Trust: 0.8

sources: JVNDB: JVNDB-2021-001430 // NVD: CVE-2021-27473

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-27473
value:	HIGH
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-27473
value:	MEDIUM
Trust: 1.0
IPA:	JVNDB-2021-001430
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202105-802
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-386740
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-27473
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-386740
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-27473
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	6.0
version:	3.1
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-27473
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.7
version:	3.1
Trust: 1.0
IPA:	JVNDB-2021-001430
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-386740 // JVNDB: JVNDB-2021-001430 // CNNVD: CNNVD-202105-802 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27473 // NVD: CVE-2021-27473

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.1
problemtype:	Incorrect input confirmation (CWE-20) [IPA Evaluation ]	Trust: 0.8
problemtype:	Path traversal (CWE-22) [IPA Evaluation ]	Trust: 0.8
problemtype:	Deserialization of untrusted data (CWE-502) [IPA Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-386740 // JVNDB: JVNDB-2021-001430 // NVD: CVE-2021-27473

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202105-802

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202105-802

PATCH

title:	industrial security advisory from Rockwell Automation ( Login required )	url:	https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1131435	Trust: 0.8
title:	Rockwell Automation Connected Components Workbench Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=150445	Trust: 0.6

sources: JVNDB: JVNDB-2021-001430 // CNNVD: CNNVD-202105-802

EXTERNAL IDS

db:	NVD	id:	CVE-2021-27473	Trust: 2.5
db:	ICS CERT	id:	ICSA-21-133-01	Trust: 2.5
db:	JVN	id:	JVNVU95873084	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-001430	Trust: 0.8
db:	AUSCERT	id:	ESB-2021.1650	Trust: 0.6
db:	CS-HELP	id:	SB2021051401	Trust: 0.6
db:	CNNVD	id:	CNNVD-202105-802	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	VULHUB	id:	VHN-386740	Trust: 0.1

sources: VULHUB: VHN-386740 // JVNDB: JVNDB-2021-001430 // CNNVD: CNNVD-202105-802 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27473

REFERENCES

url:	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131435	Trust: 1.7
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-133-01	Trust: 1.7
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-133-01	Trust: 1.4
url:	http://jvn.jp/cert/jvnvu95873084	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021051401	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1650	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2021-27473/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6

sources: VULHUB: VHN-386740 // JVNDB: JVNDB-2021-001430 // CNNVD: CNNVD-202105-802 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-27473

SOURCES

db:	VULHUB	id:	VHN-386740
db:	JVNDB	id:	JVNDB-2021-001430
db:	CNNVD	id:	CNNVD-202105-802
db:	CNNVD	id:	CNNVD-202104-975
db:	NVD	id:	CVE-2021-27473

LAST UPDATE DATE

2024-08-14T12:33:07.385000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-386740	date:	2022-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-001430	date:	2021-05-17T08:36:00
db:	CNNVD	id:	CNNVD-202105-802	date:	2022-03-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	NVD	id:	CVE-2021-27473	date:	2022-03-29T17:50:48.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-386740	date:	2022-03-23T00:00:00
db:	JVNDB	id:	JVNDB-2021-001430	date:	2021-05-17T00:00:00
db:	CNNVD	id:	CNNVD-202105-802	date:	2021-05-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	NVD	id:	CVE-2021-27473	date:	2022-03-23T20:15:09.153