cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0477,https://securityvulnerability.io/vulnerability/CVE-2025-0477,Weak Encryption Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"An encryption vulnerability has been identified in Rockwell Automation's FactoryTalk® AssetCentre, affecting all versions prior to V15.00.001. This issue arises from a weak encryption methodology, which could potentially enable threat actors to extract user passwords. Organizations using vulnerable versions are urged to upgrade promptly to safeguard sensitive data and maintain the integrity of their operations.",Rockwell Automation,Factorytalk® Assetcentre,9.3,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:49:03.933Z,185
CVE-2025-0497,https://securityvulnerability.io/vulnerability/CVE-2025-0497,Data Exposure Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"A vulnerability exists in previous versions of Rockwell Automation's FactoryTalk® AssetCentre, where sensitive credentials are improperly stored in the configuration files of various packages, including EventLogAttachmentExtractor and ArchiveExtractor. This could potentially allow unauthorized access to critical information, compromising the integrity and confidentiality of sensitive data.",Rockwell Automation,Factorytalk® Assetcentre,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:40:51.775Z,0
CVE-2025-0498,https://securityvulnerability.io/vulnerability/CVE-2025-0498,Data Exposure Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"A data exposure vulnerability exists in all versions of Rockwell Automation FactoryTalk® AssetCentre prior to V15.00.001. This issue stems from the insecure storage of FactoryTalk® Security user tokens. As a result, malicious actors could potentially exploit this vulnerability to steal user tokens, thereby impersonating other users and gaining unauthorized access to sensitive information.",Rockwell Automation,Factorytalk® Assetcentre,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:36:12.542Z,0
CVE-2021-27476,https://securityvulnerability.io/vulnerability/CVE-2021-27476,Rockwell Automation FactoryTalk AssetCentre OS Command Injection,"A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.0010900000343099236,false,,false,false,false,,,false,false,,2022-03-23T19:46:36.000Z,0
CVE-2021-27470,https://securityvulnerability.io/vulnerability/CVE-2021-27470,Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data,"A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.006140000186860561,false,,false,false,false,,,false,false,,2022-03-23T19:46:35.000Z,0
CVE-2021-27466,https://securityvulnerability.io/vulnerability/CVE-2021-27466,Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data,"A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.006140000186860561,false,,false,false,false,,,false,false,,2022-03-23T19:46:34.000Z,0
CVE-2021-27474,https://securityvulnerability.io/vulnerability/CVE-2021-27474,Rockwell Automation FactoryTalk AssetCentre Use of Potentially Dangerous Function,"Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-03-23T19:46:33.000Z,0
CVE-2021-27468,https://securityvulnerability.io/vulnerability/CVE-2021-27468,Rockwell Automation FactoryTalk AssetCentre SQL Injection,"The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.003470000112429261,false,,false,false,false,,,false,false,,2022-03-23T19:46:32.000Z,0
CVE-2021-27472,https://securityvulnerability.io/vulnerability/CVE-2021-27472,Rockwell Automation FactoryTalk AssetCentre SQL Injection,"A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.008620000444352627,false,,false,false,false,,,false,false,,2022-03-23T19:46:31.000Z,0
CVE-2021-27464,https://securityvulnerability.io/vulnerability/CVE-2021-27464,Rockwell Automation FactoryTalk AssetCentre SQL Injection,"The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.003470000112429261,false,,false,false,false,,,false,false,,2022-03-23T19:46:30.000Z,0
CVE-2021-27462,https://securityvulnerability.io/vulnerability/CVE-2021-27462,Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data,"A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.006140000186860561,false,,false,false,false,,,false,false,,2022-03-23T19:46:30.000Z,0
CVE-2021-27460,https://securityvulnerability.io/vulnerability/CVE-2021-27460,Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data,"Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines.",Rockwell Automation,Factorytalk Assetcentre,10,CRITICAL,0.003120000008493662,false,,false,false,false,,,false,false,,2022-03-23T19:46:29.000Z,0