ByteOS Network

Vulnerability Details :

CVE-2021-22681

Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6

Published At-03 Mar, 2021 | 17:59

Updated At-06 Mar, 2026 | 05:01

Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Known Exploited Vulnerabilities (KEV)

cisa.gov

Vendor:

Rockwell

Product:Multiple Products

Added At:05 Mar, 2026

Due At:26 Mar, 2026

Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Used in Ransomware

Unknown

CWE

CWE-522

Required Action:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes:

https://support.rockwellautomation.com/app/answers/answer_view/a_id/1130301/~/cve-2021-22681%3A-authentication-bypass-vulnerability-found-in-logix-controllers- ; https://www.cisa.gov/news-events/ics-advisories/icsa-21-056-03 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22681

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:icscert

Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6

Published At:03 Mar, 2021 | 17:59

Updated At:06 Mar, 2026 | 05:01

▼CVE Numbering Authority (CNA)

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.

Affected Products

Vendor

n/a

Product

Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers

Versions

Affected

RSLogix 5000 Versions 16 through 20
Studio 5000 Logix Designer: Versions 21 and later
CompactLogix 1768, 1769, 5370, 5380, 5480
ControlLogix 5550, 5560, 5570, 5580
DriveLogix 5560, 5730, 1794-L34
Compact GuardLogix 5370, 5380
GuardLogix 5570, 5580
SoftLogix 5800

Problem Types

Type	CWE ID	Description
CWE	CWE-522	Insufficiently Protected Credentials CWE-522

Type: CWE

CWE ID: CWE-522

Description: Insufficiently Protected Credentials CWE-522

References

Hyperlink	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03	x_refsource_MISC

Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03	x_refsource_MISC x_transferred

Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

Resource:

x_refsource_MISC

x_transferred

2. CISA ADP Vulnrichment

Metrics

Version	Base score	Base severity	Vector
3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metrics Other Info

kev

dateAdded:

2026-03-05

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681

Timeline

Event	Date
CVE-2021-22681 added to CISA KEV	2026-03-05 00:00:00

Event: CVE-2021-22681 added to CISA KEV

Date: 2026-03-05 00:00:00

References

Hyperlink	Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681	government-resource

Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681

Resource:

government-resource

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:ics-cert@hq.dhs.gov

Published At:03 Mar, 2021 | 18:15

Updated At:06 Mar, 2026 | 13:44

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2026-03-05	2026-03-26	Rockwell Multiple Products Insufficient Protected Credentials Vulnerability	Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Date Added: 2026-03-05

Due Date: 2026-03-26

Vulnerability Name: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE ID	Type	Source
CWE-522	Secondary	ics-cert@hq.dhs.gov
CWE-522	Primary	nvd@nist.gov

Hyperlink	Source	Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03	ics-cert@hq.dhs.gov	Third Party Advisory US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681	134c704f-9b21-4f2e-91b3-4a467353bcc0	US Government Resource

CVE-2021-22681

Credits

Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

Used in Ransomware

Unknown

CWE

Required Action:

Additional Notes:

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs