What is GHSA-fv9f-8rj8-45rf?

GHSA-fv9f-8rj8-45rf is a security advisory published by GitHub Security Advisories with High severity. Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated...

Which CVE IDs does GHSA-fv9f-8rj8-45rf cover?

GHSA-fv9f-8rj8-45rf covers the following CVE IDs: CVE-2021-22659. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-fv9f-8rj8-45rf?

GHSA-fv9f-8rj8-45rf has a CVSS v3 base score of 8.6, published by GitHub Security Advisories.

GHSA-fv9f-8rj8-45rfHighCVSS 8.6

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated...

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

June 3, 2026

🔗 CVE IDs covered (1)

CVE-2021-22659 →

📋 Description

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a denial-of-service condition. The FAULT LED will flash RED and communications may be lost. Recovery from denial-of-service condition requires the fault to be cleared by the user.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2021-22659
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129877/loc/en_US#__highlight
https://us-cert.cisa.gov/ics/advisories/icsa-21-033-01
https://github.com/advisories/GHSA-fv9f-8rj8-45rf