First published: Wed Mar 03 2021
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20, use a key to verify that Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480; ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; and SoftLogix 5800. These software versions are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with the same controllers.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Factorytalk Services Platform | >=2.10 | |
Rockwellautomation Rslogix 5000 | >=16, <=20 | |
Rockwellautomation Studio 5000 Logix Designer | >=21.0 | |
Rockwellautomation Compact Guardlogix 5370 | | |
Rockwellautomation Compact Guardlogix 5380 | | |
Rockwellautomation Compactlogix 1768 | | |
Rockwellautomation Compactlogix 1769 | | |
Rockwellautomation Compactlogix 5370 | | |
Rockwellautomation Compactlogix 5380 | | |
Rockwellautomation Compactlogix 5480 | | |
Rockwellautomation Controllogix 5550 | | |
Rockwellautomation Controllogix 5560 | | |
Rockwellautomation Controllogix 5570 | | |
Rockwellautomation Controllogix 5580 | | |
Rockwellautomation Drivelogix 1794-l34 | | |
Rockwellautomation Drivelogix 5560 | | |
Rockwellautomation Drivelogix 5730 | | |
Rockwellautomation Guardlogix 5570 | | |
Rockwellautomation Guardlogix 5580 | | |
Rockwellautomation Softlogix 5800 | | |
Rockwell Automation RSLogix 5000: Versions 16 through 20 | | |
Rockwell Automation Studio 5000 Logix Designer | >=21 | |
Rockwell Automation FactoryTalk Security, part of the FactoryTalk Services Platform, if configured and deployed v2.10 and later | | |
CVE-2021-22681 is a vulnerability in Rockwell Automation Studio 5000 Logix Designer and RSLogix 5000 that allows unauthorized access to Logix controllers.
CVE-2021-22681 has a severity rating of 9.8 (Critical).
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later are affected by CVE-2021-22681.
RSLogix 5000 Versions 16 through 20 are affected by CVE-2021-22681.
Apply the necessary patches and updates provided by Rockwell Automation to fix CVE-2021-22681.