CVE-2025-24482 FactoryTalk® View Site Edition - Local Code Injection

A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions...

Vulnerability fixed in Rockwell Automation FactoryTalk View Site

Rockwell Automation has fixed a vulnerability in FactoryTalk View Site. A malicious party could exploit the vulnerability to execute arbitrary code in the application, in the victim's context, using a Cross-Site Scripting attack. For successful exploitation, the malicious party must have access t...

CVE-2024-45824 FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation

CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains...

CVE-2023-46289

Rockwell Automation FactoryTalk View Site Edition (V11.0 affected) suffers from improper input validation (CVE-2023-46289). Insufficient validation could allow a remote attacker to submit malicious data, potentially rendering the product unavailable and requiring a restart to recover, i.e., a den...