Vulnerabilities fixed in Rockwell Automation FactoryTalk

Rockwell Automation has fixed vulnerabilities in FactoryTalk View Machine Edition. The vulnerabilities include an authentication bypass that allows unauthorized access to the PanelView Plus 7 Series B file system and diagnostic information. In addition, there is a path-traversal vulnerability tha...

CVE-2025-24479 FactoryTalk® View Machine Edition - Local Code Injection

A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user...

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service DoS condition. "The remote code execution vulnerability in PanelView Plus involves two custom...

CVE-2023-2071

Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions...

CVE-2023-2071

CVE-2023-2071 affects Rockwell Automation FactoryTalk View Machine Edition on PanelView Plus. It describes improper input validation that lets an unauthenticated attacker achieve remote code execution by sending crafted packets; the device can execute exported functions via a CIP class, and an at...

CVE-2023-2071 FactoryTalk View Machine Edition Vulnerable to Remote Code Execution

Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions...