top of page
perceptive_background_267k.jpg

Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. Th…

Published:

5 maart 2026 om 00:00:00

Alert date:

5 maart 2026 om 20:09:02

Source:

cisa.gov

Click to open the original link from this advisory

Critical Infrastructure, Enterprise Applications

Multiple Rockwell Automation products contain an insufficient protected credentials vulnerability (CVE-2021-22681) in Studio 5000 Logix Designer software. The vulnerability allows discovery of a verification key used for communication between Logix controllers and Rockwell design software. Successful exploitation could enable unauthorized applications to connect with Logix controllers, requiring network access to the controller. This authentication bypass vulnerability affects critical industrial control systems and could compromise operational technology environments.

Technical details

Mitigation steps:

Affected products:

Rockwell Automation Studio 5000 Logix Designer
Rockwell Automation Logix Controllers

Related links:

https://www.cisa.gov/news-events/ics-advisories/icsa-21-056-03
https://support.rockwellautomation.com/app/answers/answer_view/a_id/1130301/~/cve-2021-22681%3A-authentication-bypass-vulnerability-found-in-logix-controllers-
https://nvd.nist.gov/vuln/detail/CVE-2021-22681

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page