{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T18:57:24.129","vulnerabilities":[{"cve":{"id":"CVE-2021-22681","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2021-03-03T18:15:14.643","lastModified":"2026-03-06T13:44:06.370","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800."},{"lang":"es","value":"Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores, y RSLogix 5000 versiones 16 hasta 20, usan una clave para verificar que los controladores Logix se estén comunicando con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores y RSLogix 5000: Versiones 16 hasta 20, son vulnerables porque un atacante no autenticado podría pasar por alto este mecanismo de comprobación y autenticarse con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550 , 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2026-03-05","cisaActionDue":"2026-03-26","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Rockwell Multiple Products Insufficient Protected Credentials Vulnerability","weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:factorytalk_services_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"2.10","matchCriteriaId":"6755FCF6-4A0C-478A-AEFF-54E35C45149D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:rslogix_5000:*:*:*:*:*:*:*:*","versionStartIncluding":"16","versionEndIncluding":"20","matchCriteriaId":"04C30129-3F03-4486-B181-EBDE29751372"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:*:*:*:*:*:*:*:*","versionStartIncluding":"21.0","matchCriteriaId":"9C840463-A11F-43A0-AA45-1AC810713AB6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*","matchCriteriaId":"6F951670-AF4D-4429-8BC1-79BDEF83B2C3"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*","matchCriteriaId":"62414E65-73C7-4172-B7BF-F40A66AFBB90"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_1768:-:*:*:*:*:*:*:*","matchCriteriaId":"2E5F100A-C8A3-49F2-B1D2-411432472B6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_1769:-:*:*:*:*:*:*:*","matchCriteriaId":"F8A690BC-4D7C-4B83-A9F6-F860445028A2"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_5370:-:*:*:*:*:*:*:*","matchCriteriaId":"E12ADAE3-97B1-48BC-BE69-ED75667C1886"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*","matchCriteriaId":"EDD040ED-B44C-47D0-B4D4-729C378C4F68"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*","matchCriteriaId":"80F4F5BE-07DF-402A-BF98-34FBA6A11968"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:controllogix_5550:-:*:*:*:*:*:*:*","matchCriteriaId":"13EE2216-F25F-44AB-A167-4EEA153C8F8D"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:controllogix_5560:-:*:*:*:*:*:*:*","matchCriteriaId":"EA25FF8D-51C5-4928-9B90-E4BD1476F50B"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*","matchCriteriaId":"482E2CD6-D484-486C-92F4-18432D107E30"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*","matchCriteriaId":"51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:drivelogix_1794-l34:-:*:*:*:*:*:*:*","matchCriteriaId":"4A75A0FD-C337-4264-B1E4-96701851D6FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:drivelogix_5560:-:*:*:*:*:*:*:*","matchCriteriaId":"DFDAAA77-6964-44FC-9FFB-ECDF71665965"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:drivelogix_5730:-:*:*:*:*:*:*:*","matchCriteriaId":"03E185C3-17CA-4E3F-863B-9F906C5C59EA"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*","matchCriteriaId":"321AE938-192A-4342-8608-ADC81F0B6582"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*","matchCriteriaId":"006B7683-9FDF-4748-BA28-2EA22613E092"},{"vulnerable":false,"criteria":"cpe:2.3:h:rockwellautomation:softlogix_5800:-:*:*:*:*:*:*:*","matchCriteriaId":"BDAB7B6D-CCAC-460B-8A88-3397A2397078"}]}]}],"references":[{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}