CVE-2021-22681

INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522
Studio 5000 Logix Designer uses a key to verify Logix controllers are communicating with the affected Rockwell Automation products. The product is vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Logix controllers.

Read more: Claroty Discovers Critical Authentication Bypass in Rockwell Software

Risk Information

  • CVE ID
  • CVE-2021-22681
  • Vendor
  • Rockwell Automation
  • Product
  • Logix Controllers
  • CVSS v3
  • 10