This vulnerability is rated CRITICAL due to its potential for remote exploitation without authentication, which could lead to significant disruptions or physical damage in industrial control environments.
A vulnerability (CVE-2021-22681) in Rockwell Automation's Studio 5000 Logix Designer software and several Logix PLCs allows remote, unauthenticated attackers to bypass verification and connect to targeted controllers. This could disrupt manufacturing processes or cause physical damage to equipment.
Affected Systems
- Rockwell Automation Studio 5000 Logix Designer
- CompactLogix PLCs
- ControlLogix PLCs
- DriveLogix PLCs
- FlexLogix PLCs
- GuardLogix PLCs
- SoftLogix devices
Affected Versions: All versions before the latest update that includes mitigations for CVE-2021-22681
Remediation
- Apply the latest security updates from Rockwell Automation for Studio 5000 Logix Designer and all affected PLCs.
- Review network segmentation to ensure ICS devices are not directly accessible from untrusted networks.
- Implement strict access controls and monitoring on industrial control systems.
Stack Impact
This vulnerability impacts specific industrial control software and hardware components, including Rockwell's Studio 5000 Logix Designer and various PLC models. It does not affect general IT infrastructure like nginx or OpenSSL.