The vulnerabilities of microprogrammed software in programmable logic controllers such as CompactLogix 1768, CompactLogix 1769, CompactLogix 5370, CompactLogix 5380, CompactLogix 5480, ControlLogix 5550, ControlLogix 5560, ControlLogix 5570, ControlLogix 5580, DriveLogix 5560, DriveLogix 5730, DriveLogix 1794-L34, Compact GuardLogix 5370, Compact GuardLogix 5380, GuardLogix 5570, GuardLogix 5580, and SoftLogix 5800 stem from insufficient protection of registration data. This allows attackers to elevate their privileges and alter the configuration of vulnerable devices.

🗓️ 09 Mar 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerabilities in PLC microprograms from weak registration data protection enable privilege escalation and configuration changes.

Reporter	Title	Published	Views	Family All 23
Circl	CVE-2021-22681	4 Apr 202210:47	–	circl
CISA KEV Catalog	Rockwell Multiple Products Insufficient Protected Credentials Vulnerability	5 Mar 202600:00	–	cisa_kev
CISA	CISA Adds Five Known Exploited Vulnerabilities to Catalog	5 Mar 202612:00	–	cisa
CNNVD	Rockwell Automation RSLogix 500 and Logix Designer Studio 5000 Security Vulnerability	25 Feb 202100:00	–	cnnvd
CVE	CVE-2021-22681	3 Mar 202117:59	–	cve
Cvelist	CVE-2021-22681	3 Mar 202117:59	–	cvelist
GithubExploit	InduGuard_vul_poc	19 Apr 202605:53	–	githubexploit
EUVD	EUVD-2021-9817	3 Oct 202520:07	–	euvd
ICS	Rockwell Automation Logix Controllers (Update A)	25 Feb 202100:00	–	ics
NCSC	Vulnerability found in Rockwell Automation Logix Controllers	26 Feb 202100:00	–	ncsc

Vulners

Node

rockwell_automation rslogix_5000Range16–20

OR

rockwell_automation studio_5000_logix_designerMatch21

Source	Link
anti-malware	www.anti-malware.ru/news/2021-02-26-114534/35129
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2021030105
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-21-056-03
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog
cisa	www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv
web	www.web.nvd.nist.gov/view/vuln/detail

06 May 2026 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 210

CVSS 310

EPSS0.25455

Programmable logic controllers microprogrammed software registration data protection privilege escalation configuration changes CompactLogix models ControlLogix models DriveLogix models GuardLogix models SoftLogix models