CVSS 3.1 base score: 9.8

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20, use a key to verify that Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480; ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000 Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480; ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
Data provided by the National Vulnerability Database (NVD)
Affected configurations (NVD): each of the following software products, when communicating with any of the controller platforms listed below.

Software:
   Rockwell Automation FactoryTalk Services Platform, version >= 2.10
   Rockwell Automation RSLogix 5000, version >= 16 and <= 20
   Rockwell Automation Studio 5000 Logix Designer, version >= 21.0

Controller platforms (no version specified):
   Rockwell Automation Compact GuardLogix 5370
   Rockwell Automation Compact GuardLogix 5380
   Rockwell Automation CompactLogix 1768
   Rockwell Automation CompactLogix 1769
   Rockwell Automation CompactLogix 5370
   Rockwell Automation CompactLogix 5380
   Rockwell Automation CompactLogix 5480
   Rockwell Automation ControlLogix 5550
   Rockwell Automation ControlLogix 5560
   Rockwell Automation ControlLogix 5570
   Rockwell Automation ControlLogix 5580
   Rockwell Automation DriveLogix 1794-L34
   Rockwell Automation DriveLogix 5560
   Rockwell Automation DriveLogix 5730
   Rockwell Automation GuardLogix 5570
   Rockwell Automation GuardLogix 5580
   Rockwell Automation SoftLogix 5800

05.03.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Vulnerability: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Description: Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
EPSS metrics

Type   Source      Score    Percentile
EPSS   FIRST.org   16.25%   0.947

CVSS metrics

Source                                 Base Score   Exploit Score   Impact Score   Vector String
nvd@nist.gov                           9.8          3.9             5.9            CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov                           7.5          10              6.4            AV:N/AC:L/Au:N/C:P/I:P/A:P (CVSS v2)
134c704f-9b21-4f2e-91b3-4a467353bcc0   9.8          3.9             5.9            CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-522: Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.