AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2021-22681: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesMarch 4, 2026CVE-2021-22681

Summary

Rockwell Automation's Studio 5000 Logix Designer software has a vulnerability where a secret key used to verify communication between design software and Logix controllers (industrial control devices) can be discovered by attackers. An unauthorized user with network access to the controller could exploit this to connect malicious applications and take control of industrial systems. This vulnerability is currently being exploited by real attackers.

Solution / Mitigation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 15.4%

Exploit Maturity

🔥 Actively Exploited

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-522

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-22681

First tracked: March 5, 2026 at 03:00 PM

Classified by LLM (prompt v3) · confidence: 95%