Vulnerability Details CVE-2021-22681
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.154
EPSS Ranking 94.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.
Ransomware Campaign
Unknown
References
Products affected by CVE-2021-22681
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.51.00.8
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.61
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.71
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.73
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.74
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.80
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.90
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:6.10.00
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:6.11.00
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:6.31.00
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9
-
cpe:2.3:a:rockwellautomation:rslogix_5000:*
-
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.0
-
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.00
-
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.01
-
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.02
-
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:33.00
-
cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-
-
cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-
-
cpe:2.3:h:rockwellautomation:compactlogix_1768:-
-
cpe:2.3:h:rockwellautomation:compactlogix_1769:-
-
cpe:2.3:h:rockwellautomation:compactlogix_5370:-
-
cpe:2.3:h:rockwellautomation:compactlogix_5380:-
-
cpe:2.3:h:rockwellautomation:compactlogix_5480:-
-
cpe:2.3:h:rockwellautomation:controllogix_5550:-
-
cpe:2.3:h:rockwellautomation:controllogix_5560:-
-
cpe:2.3:h:rockwellautomation:controllogix_5570:-
-
cpe:2.3:h:rockwellautomation:controllogix_5580:-
-
cpe:2.3:h:rockwellautomation:drivelogix_1794-l34:-
-
cpe:2.3:h:rockwellautomation:drivelogix_5560:-
-
cpe:2.3:h:rockwellautomation:drivelogix_5730:-
-
cpe:2.3:h:rockwellautomation:guardlogix_5570:-
-
cpe:2.3:h:rockwellautomation:guardlogix_5580:-
-
cpe:2.3:h:rockwellautomation:softlogix_5800:-