CVE-2021-22681
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | RSLogix 5000 Versions 16 through 20 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | Studio 5000 Logix Designer: Versions 21 and later | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | CompactLogix 1768, 1769, 5370, 5380, 5480 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | ControlLogix 5550, 5560, 5570, 5580 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | DriveLogix 5560, 5730, 1794-L34 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | Compact GuardLogix 5370, 5380 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | GuardLogix 5570, 5580 | affected |
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers | SoftLogix 5800 | affected |
Weaknesses
- CWE-522: Insufficiently Protected Credentials CWE-522
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: yes
- Technical Impact: total
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.