CVE-2021-22681

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability

Entry Details

Vulnerability ID

CVE-2021-22681

Status

Confirmed

Exploited

Yes

Status Updated At

2026-03-05 00:00 UTC

Timestamps

First Seen At

2026-03-05

Asserted At

2026-03-05

Scope

Notes

KEV entry: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability | Affected: Rockwell / Multiple Products | Description: Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-03-26 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://support.rockwellautomation.com/app/answers/answer_view/a_id/1130301/~/cve-2021-22681%3A-authentication-bypass-vulnerability-found-in-logix-controllers- ; https://www.cisa.gov/news-events/ics-advisories/icsa-21-056-03 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22681

References

{'id': 'CVE-2021-22681', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-22681'}

Entry UUID

e89d924d-ea2c-4157-aa07-c7d8d4f3bedd

Catalog Origin UUID

405284c2-e461-4670-8979-7fd2c9755a60

Created

2026-03-05 20:00 UTC

Last Updated

2026-03-05 20:00 UTC

Evidence (1)

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
vendor_report	cisa-kev	successful_exploitation	0.80	View details `{ "cwes": [ "CWE-522" ], "date_added": "2026-03-05", "due_date": "2026-03-26", "feed": "CISA Known Exploited Vulnerabilities Catalog", "knownRansomwareCampaignUse": "Unknown", "product": "Multiple Products", "vendorProject": "Rockwell", "vulnerabilityName": "Rockwell Multiple Products Insufficient Protected Credentials Vulnerability" }`	-

vendor_report

cisa-kev

successful_exploitation

0.80

View details

{
  "cwes": [
    "CWE-522"
  ],
  "date_added": "2026-03-05",
  "due_date": "2026-03-26",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": "Multiple Products",
  "vendorProject": "Rockwell",
  "vulnerabilityName": "Rockwell Multiple Products Insufficient Protected Credentials Vulnerability"
}

Export Options

JSON Object JSON API View Full Catalog