Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HRockwellautomation Compact Guardlogix 5370
HWRockwellautomationwszystkie wersjeRockwellautomation Compact Guardlogix 5380
HWRockwellautomationwszystkie wersjeRockwellautomation Compactlogix 1768
HWRockwellautomationwszystkie wersjeRockwellautomation Compactlogix 1769
HWRockwellautomationwszystkie wersjeRockwellautomation Compactlogix 5370
HWRockwellautomationwszystkie wersjeRockwellautomation Compactlogix 5380
HWRockwellautomationwszystkie wersjeRockwellautomation Compactlogix 5480
HWRockwellautomationwszystkie wersjeRockwellautomation Controllogix 5550
HWRockwellautomationwszystkie wersjeRockwellautomation Controllogix 5560
HWRockwellautomationwszystkie wersjeRockwellautomation Controllogix 5570
HWRockwellautomationwszystkie wersjeRockwellautomation Controllogix 5580
HWRockwellautomationwszystkie wersjeRockwellautomation Drivelogix 1794 L34
HWRockwellautomationwszystkie wersjeRockwellautomation Drivelogix 5560
HWRockwellautomationwszystkie wersjeRockwellautomation Drivelogix 5730
HWRockwellautomationwszystkie wersjeRockwellautomation Factorytalk Services Platform
APPRockwellautomation≥ 2.10Rockwellautomation Guardlogix 5570
HWRockwellautomationwszystkie wersjeRockwellautomation Guardlogix 5580
HWRockwellautomationwszystkie wersjeRockwellautomation Rslogix 5000
APPRockwellautomation16 – 20Rockwellautomation Softlogix 5800
HWRockwellautomationwszystkie wersjeRockwellautomation Studio 5000 Logix Designer
APPRockwellautomation≥ 21.0
CISA KEV — detailsi
- Vendori
- Rockwell
- Producti
- Multiple Products
- Added to KEVi
- March 5, 2026
- Remediation deadline (US Federal)i
- March 26, 2026(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are communicating with Rockwell Automation design software. If successfully exploited, this vulnerability could allow an unauthorized application to connect with Logix controllers. To leverage this vulnerability, an unauthorized user would require network access to the controller.
Related vulnerabilities
Privilege escalation w Rockwell Automation FactoryTalk Services Platform
Rockwell Automation FactoryTalk — przechwycenie tokenu uwierzytelniającego (brak podpisu cyfrowego)
An attacker with the ability to modify a user program may change user program code on some ControlLogix, Compa...
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the ...
In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Servic...