
Cloud Vulnerability DB
A community-led vulnerabilities database
The vulnerability (CVE-2021-27471) affects Rockwell Automation Connected Components Workbench v12.00.00 and prior versions. It is a path traversal vulnerability (CWE-22) where the parsing mechanism that processes certain file types does not provide input sanitization for file paths (CISA Advisory).
The vulnerability has been assigned a CVSS v3.1 base score of 7.7 (High) with the vector string AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. It allows an attacker to craft malicious files that, when opened by Connected Components Workbench, can traverse the file system. Exploitation requires user interaction to succeed (CISA Advisory, NVD).
If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions as the Connected Components Workbench software. The vulnerability affects multiple critical infrastructure sectors globally, including Commercial Facilities, Defense Industrial Base, Energy, and Government Facilities (CISA Advisory).
Rockwell Automation recommends that users update to Connected Components Workbench v13.00.00 or later. If upgrading is not possible, users should: run Connected Components Workbench as a User (not Administrator), avoid opening untrusted files, employ training programs for phishing awareness, use Microsoft AppLocker, and follow the least-privilege principle (CISA Advisory).
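The missing control described above is sanitization of file paths read from a parsed file. The following added example (not Rockwell Automation's code or its fix) sketches a containment check that uses Windows path rules; the function names, the target folder and the sample entry names are all assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath


class UnsafeEntryPath(ValueError):
    """Raised when a file-supplied path would land outside the target folder."""


def safe_destination(root: str, entry_name: str) -> PureWindowsPath:
    """Map a path read from an untrusted file to a location under root.

    Windows path rules are applied via PureWindowsPath, so the check behaves
    the same on any OS and never touches the real file system.
    """
    entry = PureWindowsPath(entry_name)  # accepts both '\\' and '/' separators
    # Absolute (C:\x), drive-relative (C:x), rooted (\x) and UNC (\\host\share)
    # names all ignore the intended root when joined, so refuse them outright.
    if entry.drive or entry.root:
        raise UnsafeEntryPath(f"absolute or rooted path: {entry_name!r}")
    if not entry.parts:
        raise UnsafeEntryPath("empty path")
    for part in entry.parts:
        if part == "..":
            raise UnsafeEntryPath(f"parent-directory segment: {entry_name!r}")
        if ":" in part:  # drive letter or NTFS alternate data stream
            raise UnsafeEntryPath(f"colon in segment: {entry_name!r}")
    return PureWindowsPath(root).joinpath(*entry.parts)


def audit_entries(root: str, names: list[str]) -> dict[str, str]:
    """Return {entry name: destination or 'REJECTED: reason'} for a listing."""
    report = {}
    for name in names:
        try:
            report[name] = str(safe_destination(root, name))
        except UnsafeEntryPath as exc:
            report[name] = f"REJECTED: {exc}"
    return report


# Constructed sample entry names, not taken from any real project file.
SAMPLE = [r"Controller\main.prg", r"..\..\Windows\x.dll",
          r"C:\Windows\win.ini", r"\\host\share\x", "a/../../b", "notes.txt:ads"]

if __name__ == "__main__":
    for name, verdict in audit_entries(r"C:\Projects\import", SAMPLE).items():
        print(f"{name!r:32} -> {verdict}")
```

Rejecting every `..` segment is stricter than resolving and comparing prefixes, but it avoids depending on how the target file system normalizes the path.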
Source: This report was generated using AI