CVE-2021-22681

Published: Mar 3, 2021Modified: Mar 6, 2026CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.

Affected (3)

Products: Rockwellautomation: Factorytalk Services Platform, Rslogix 5000, Studio 5000 Logix Designer

Rockwellautomation

3 products

Factorytalk Services Platform

Rslogix 5000

Studio 5000 Logix Designer

Configuration A

3 vulnerable · 17 platform

Vulnerable Software	Affected Versions
Rockwellautomation Factorytalk Services Platform	From 2.10
Rockwellautomation Rslogix 5000	From 16 to 20
Rockwellautomation Studio 5000 Logix Designer	From 21.0

Running on/with	Platform Versions
Rockwellautomation Compact Guardlogix 5370	All versions
Rockwellautomation Compact Guardlogix 5380	All versions
Rockwellautomation Compactlogix 1768	All versions
Rockwellautomation Compactlogix 1769	All versions
Rockwellautomation Compactlogix 5370	All versions
Rockwellautomation Compactlogix 5380	All versions
Rockwellautomation Compactlogix 5480	All versions
Rockwellautomation Controllogix 5550	All versions
Rockwellautomation Controllogix 5560	All versions
Rockwellautomation Controllogix 5570	All versions
Rockwellautomation Controllogix 5580	All versions
Rockwellautomation Drivelogix 1794 L34	All versions
Rockwellautomation Drivelogix 5560	All versions
Rockwellautomation Drivelogix 5730	All versions
Rockwellautomation Guardlogix 5570	All versions
Rockwellautomation Guardlogix 5580	All versions
Rockwellautomation Softlogix 5800	All versions

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (3)

https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.