Description
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
References (1)
Core 1
Core References
Scores
CVSS v3
7.5
EPSS
0.0058
EPSS Percentile
69.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (8)
rockwellautomation/compact_guardlogix_5380_sil_2_firmware
31.011 - 33.017
rockwellautomation/compact_guardlogix_5380_sil_3_firmware
32.013 - 33.017
rockwellautomation/compactlogix_5380_firmware
28.011 - 33.017
rockwellautomation/compactlogix_5480_firmware
32.011 - 33.017
rockwellautomation/controllogix_5580_firmware
28.011 - 33.017
rockwellautomation/controllogix_5580_process_firmware
33.011 - 33.017
rockwellautomation/factorytalk_logix_echo_firmware
33.011 - 34.014
rockwellautomation/guardlogix_5580_firmware
31.011 - 33.017
Published
Oct 14, 2024
Tracked Since
Feb 18, 2026