Rewterz Threat Advisory – CVE-2021-1368 – Cisco FXOS and NX-OS Software code execution
February 25, 2021Rewterz Threat Advisory – CVE-2021-27253 – NETGEAR Nighthawk R7800 buffer overflow
February 26, 2021Rewterz Threat Advisory – CVE-2021-1368 – Cisco FXOS and NX-OS Software code execution
February 25, 2021Rewterz Threat Advisory – CVE-2021-27253 – NETGEAR Nighthawk R7800 buffer overflow
February 26, 2021Severity
High
Analysis Summary
CVE-2021-22681
Rockwell Automation Logix Controllers could allow a remote attacker to bypass security restrictions, caused by the use of weak key for communication verification. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass verification mechanism and authenticate with Logix controllers.
Impact
Security bypass
Affected Vendors
Rockwell Automation
Affected Products
Rockwell Automation ControlLogix 5560 controllers
Remediation
Upgrade to the latest version of Logix Controllers, available from the Rockwell Automation advisory along with the affected products.