[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-22681":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-07T09:11:40.124Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":71,"aliases":72,"duplicate_of":9,"upstream":73,"downstream":74,"duplicates":75,"related":76,"reserved_at":9,"published_at":77,"modified_at":78,"state":79,"summary":80,"references_raw":91,"kevs":105,"epss":116,"epss_history":119,"metrics":393,"affected":404},"CVE-2021-22681","Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-522","Insufficiently Protected Credentials","The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.","weakness","Incomplete","Class",[19,23,27,31,35,39,43,47,51,55,59,63,67],{"id":20,"name":21,"techniques":22},"CAPEC-102","Session Sidejacking",[],{"id":24,"name":25,"techniques":26},"CAPEC-474","Signature Spoofing by Key Theft",[],{"id":28,"name":29,"techniques":30},"CAPEC-50","Password Recovery Exploitation",[],{"id":32,"name":33,"techniques":34},"CAPEC-509","Kerberoasting",[],{"id":36,"name":37,"techniques":38},"CAPEC-551","Modify Existing Service",[],{"id":40,"name":41,"techniques":42},"CAPEC-555","Remote Services with Stolen Credentials",[],{"id":44,"name":45,"techniques":46},"CAPEC-560","Use of Known Domain Credentials",[],{"id":48,"name":49,"techniques":50},"CAPEC-561","Windows Admin Shares with Stolen Credentials",[],{"id":52,"name":53,"techniques":54},"CAPEC-600","Credential Stuffing",[],{"id":56,"name":57,"techniques":58},"CAPEC-644","Use of Captured Hashes (Pass The Hash)",[],{"id":60,"name":61,"techniques":62},"CAPEC-645","Use of Captured Tickets (Pass The Ticket)",[],{"id":64,"name":65,"techniques":66},"CAPEC-652","Use of Known Kerberos Credentials",[],{"id":68,"name":69,"techniques":70},"CAPEC-653","Use of Known Operating System Credentials",[],[],[],[],[],[],[],"2021-03-03T17:59:43.000Z","2026-03-06T05:01:20.925Z","Analyzed",{"cisa_kev":81,"cisa_ransomware":82,"cisa_vendor":83,"epss_severity":84,"epss_score":85,"severity":86,"severity_score":87,"severity_version":88,"severity_source":89,"severity_vector":90,"severity_status":79},true,false,"Rockwell","medium",0.12905,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[92,100],{"url":93,"sources":94,"tags":96},"https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03",[95,89],"cve.org",[97,98,99],"X Refsource MISC","Third Party Advisory","US Government Resource",{"url":101,"sources":102,"tags":103},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22681",[95,89],[104,99],"Government Resource",[106],{"source":107,"vendor":83,"product":108,"date_added":109,"vulnerability_name":110,"short_description":111,"required_action":112,"due_date":113,"known_ransomware_campaign_use":114,"notes":115,"exploitation_type":9},"cisa","Multiple Products","2026-03-05","Rockwell Multiple Products Insufficient Protected Credentials Vulnerability","Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-03-26","Unknown","https://support.rockwellautomation.com/app/answers/answer_view/a_id/1130301/~/cve-2021-22681%3A-authentication-bypass-vulnerability-found-in-logix-controllers- ; https://www.cisa.gov/news-events/ics-advisories/icsa-21-056-03 ; https://nvd.nist.gov/vuln/detail/CVE-2021-22681",{"date":117,"score":85,"percentile":118},"2026-04-06",0.94035,[120,124,127,130,133,136,139,142,145,148,151,154,156,159,162,166,169,172,175,178,182,185,188,191,194,197,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,284,287,290,293,296,299,302,305,308,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390],{"date":121,"score":122,"percentile":123},"2025-11-04",0.00118,0.31323,{"date":125,"score":122,"percentile":126},"2025-11-05",0.31297,{"date":128,"score":122,"percentile":129},"2025-11-06",0.31302,{"date":131,"score":122,"percentile":132},"2025-11-07",0.31312,{"date":134,"score":122,"percentile":135},"2025-11-08",0.31316,{"date":137,"score":122,"percentile":138},"2025-11-09",0.31294,{"date":140,"score":122,"percentile":141},"2025-11-10",0.31246,{"date":143,"score":122,"percentile":144},"2025-11-11",0.31263,{"date":146,"score":122,"percentile":147},"2025-11-12",0.31308,{"date":149,"score":122,"percentile":150},"2025-11-13",0.31325,{"date":152,"score":122,"percentile":153},"2025-11-14",0.31327,{"date":155,"score":122,"percentile":123},"2025-11-15",{"date":157,"score":122,"percentile":158},"2025-11-16",0.3129,{"date":160,"score":122,"percentile":161},"2025-11-17",0.31267,{"date":163,"score":164,"percentile":165},"2025-11-18",0.00865,0.73126,{"date":167,"score":164,"percentile":168},"2025-11-19",0.73135,{"date":170,"score":164,"percentile":171},"2025-11-20",0.73142,{"date":173,"score":122,"percentile":174},"2025-11-21",0.31305,{"date":176,"score":122,"percentile":177},"2025-11-22",0.31317,{"date":179,"score":180,"percentile":181},"2025-11-23",0.00208,0.43179,{"date":183,"score":180,"percentile":184},"2025-11-24",0.4317,{"date":186,"score":180,"percentile":187},"2025-11-25",0.43184,{"date":189,"score":180,"percentile":190},"2025-11-26",0.43183,{"date":192,"score":180,"percentile":193},"2025-11-27",0.43191,{"date":195,"score":180,"percentile":196},"2025-11-28",0.43162,{"date":198,"score":199,"percentile":200},"2025-11-29",0.00159,0.3723,{"date":202,"score":199,"percentile":203},"2025-11-30",0.37214,{"date":205,"score":199,"percentile":206},"2025-12-01",0.37327,{"date":208,"score":199,"percentile":209},"2025-12-02",0.37338,{"date":211,"score":199,"percentile":212},"2025-12-03",0.37337,{"date":214,"score":199,"percentile":215},"2025-12-04",0.37211,{"date":217,"score":199,"percentile":218},"2025-12-05",0.37245,{"date":220,"score":199,"percentile":221},"2025-12-06",0.37244,{"date":223,"score":199,"percentile":224},"2025-12-07",0.37215,{"date":226,"score":199,"percentile":227},"2025-12-08",0.37228,{"date":229,"score":199,"percentile":230},"2025-12-09",0.37267,{"date":232,"score":199,"percentile":233},"2025-12-10",0.37326,{"date":235,"score":199,"percentile":236},"2025-12-11",0.37354,{"date":238,"score":199,"percentile":239},"2025-12-12",0.37392,{"date":241,"score":199,"percentile":242},"2025-12-13",0.37369,{"date":244,"score":199,"percentile":245},"2025-12-14",0.37335,{"date":247,"score":199,"percentile":248},"2025-12-15",0.37303,{"date":250,"score":199,"percentile":251},"2025-12-16",0.37333,{"date":253,"score":199,"percentile":254},"2025-12-17",0.37381,{"date":256,"score":199,"percentile":257},"2025-12-18",0.37428,{"date":259,"score":199,"percentile":260},"2025-12-19",0.37448,{"date":262,"score":199,"percentile":263},"2025-12-20",0.37427,{"date":265,"score":199,"percentile":266},"2025-12-21",0.3737,{"date":268,"score":199,"percentile":269},"2025-12-22",0.37346,{"date":271,"score":199,"percentile":272},"2025-12-23",0.37344,{"date":274,"score":199,"percentile":275},"2025-12-24",0.37358,{"date":277,"score":199,"percentile":278},"2025-12-25",0.37417,{"date":280,"score":199,"percentile":281},"2025-12-26",0.37401,{"date":283,"score":199,"percentile":263},"2025-12-27",{"date":285,"score":199,"percentile":286},"2025-12-28",0.37319,{"date":288,"score":199,"percentile":289},"2025-12-29",0.37296,{"date":291,"score":199,"percentile":292},"2025-12-30",0.3729,{"date":294,"score":199,"percentile":295},"2025-12-31",0.37352,{"date":297,"score":199,"percentile":298},"2026-01-01",0.37501,{"date":300,"score":199,"percentile":301},"2026-01-02",0.37472,{"date":303,"score":199,"percentile":304},"2026-01-03",0.37461,{"date":306,"score":199,"percentile":307},"2026-01-04",0.37299,{"date":309,"score":310,"percentile":311},"2026-01-05",0.00182,0.40184,{"date":313,"score":310,"percentile":314},"2026-01-06",0.40188,{"date":316,"score":310,"percentile":317},"2026-01-07",0.40211,{"date":319,"score":310,"percentile":320},"2026-01-08",0.40239,{"date":322,"score":310,"percentile":323},"2026-01-09",0.40223,{"date":325,"score":310,"percentile":326},"2026-01-10",0.40222,{"date":328,"score":310,"percentile":329},"2026-01-11",0.40197,{"date":331,"score":310,"percentile":332},"2026-01-12",0.40149,{"date":334,"score":310,"percentile":335},"2026-01-13",0.40133,{"date":337,"score":310,"percentile":338},"2026-01-14",0.40181,{"date":340,"score":310,"percentile":341},"2026-01-15",0.40173,{"date":343,"score":310,"percentile":344},"2026-01-16",0.40195,{"date":346,"score":310,"percentile":347},"2026-01-17",0.40171,{"date":349,"score":310,"percentile":350},"2026-01-18",0.40127,{"date":352,"score":310,"percentile":353},"2026-01-19",0.40094,{"date":355,"score":310,"percentile":356},"2026-01-20",0.4008,{"date":358,"score":310,"percentile":359},"2026-01-21",0.40078,{"date":361,"score":310,"percentile":362},"2026-01-22",0.40067,{"date":364,"score":310,"percentile":365},"2026-01-23",0.40129,{"date":367,"score":310,"percentile":368},"2026-01-24",0.40138,{"date":370,"score":310,"percentile":371},"2026-01-25",0.40088,{"date":373,"score":310,"percentile":374},"2026-01-26",0.40033,{"date":376,"score":310,"percentile":377},"2026-01-27",0.40032,{"date":379,"score":310,"percentile":380},"2026-01-28",0.4003,{"date":382,"score":310,"percentile":383},"2026-01-29",0.40009,{"date":385,"score":310,"percentile":386},"2026-01-30",0.40012,{"date":388,"score":310,"percentile":389},"2026-01-31",0.40023,{"date":391,"score":310,"percentile":392},"2026-02-01",0.40128,[394,402],{"source":89,"cvss_v2_0":395,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":396,"baseSeverity":9,"vectorString":397,"impactScore":398,"exploitabilityScore":399},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":87,"baseSeverity":401,"vectorString":90,"impactScore":87,"exploitabilityScore":399},"CRITICAL",{"source":95,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":403,"cvss_v4_0":9},{"baseScore":87,"baseSeverity":401,"vectorString":90,"impactScore":87,"exploitabilityScore":399},[405,416,424],{"ecosystem":9,"name":406,"vendor":407,"product":408,"cpe_part":409,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":410},"factorytalk services platform","rockwellautomation","factorytalk_services_platform","a",[411],{"version":412,"is_range":81,"range_type":413,"version_start":414,"version_start_type":415,"version_end":9,"version_end_type":9,"fixed_in":9},"gte2.10","cpe","2.10","including",{"ecosystem":9,"name":417,"vendor":407,"product":418,"cpe_part":409,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":419},"rslogix 5000","rslogix_5000",[420],{"version":421,"is_range":81,"range_type":413,"version_start":422,"version_start_type":415,"version_end":423,"version_end_type":415,"fixed_in":9},"gte16_lte20","16","20",{"ecosystem":9,"name":425,"vendor":407,"product":426,"cpe_part":409,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":427},"studio 5000 logix designer","studio_5000_logix_designer",[428],{"version":429,"is_range":81,"range_type":413,"version_start":430,"version_start_type":415,"version_end":9,"version_end_type":9,"fixed_in":9},"gte21.0","21.0"]