COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-22681

CVE-2021-22681

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-03-05
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-22681
⌖ exploited in the wild shame 50/100 exploited-in-wild

Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully e

Players implicated

Rockwell · vendorMultiple Products · product

Description

Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.