Lucene search
K

838 matches found

ICS
ICS
added 2025/10/16 6:0 a.m.14 views

Rockwell Automation FactoryTalk ViewPoint

RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated attackers to achieve XML external entity injection, resulting in a temporary denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.7CVSS6.8AI score0.00415EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/10/15 12:42 p.m.3 views

CVE-2025-9066

A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. Certain SOAP requests can be abused to perform XXE, resulting in a temporary denial-of-service...

8.7CVSS6.8AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 12:42 p.m.6 views

CVE-2025-9063

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

9.8CVSS6.8AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 1:15 p.m.4 views

CVE-2025-9066

A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. Certain SOAP requests can be abused to perform XXE, resulting in a temporary denial-of-service...

8.7CVSS0.00415EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 1:15 p.m.8 views

CVE-2025-9063

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

9.8CVSS0.00366EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 1:15 p.m.5 views

CVE-2025-9064

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

9.1CVSS5.8AI score0.00554EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 1:15 p.m.5 views

CVE-2025-9064

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

9.1CVSS0.00554EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 1:15 p.m.9 views

CVE-2025-9063

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 12:24 p.m.4 views

CVE-2025-9067 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities

A security issue exists within the x86 Microsoft Installer File MSI, installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges...

8.5CVSS6.4AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 12:24 p.m.16 views

CVE-2025-9067

CVE-2025-9067 describes a privilege-escalation vulnerability in the x86 Microsoft Installer File (MSI) used with Rockwell Automation FactoryTalk Linx/FTLinx. Authenticated Windows users can initiate a repair via the MSI, hijack the repair console (e.g., vbpinstall.exe in the Rockwell MSI path), a...

8.5CVSS6.4AI score0.00172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/14 12:24 p.m.6 views

CVE-2025-9067 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities

A security issue exists within the x86 Microsoft Installer File MSI, installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges...

8.5CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 12:23 p.m.17 views

CVE-2025-9068

CVE-2025-9068 affects Rockwell Automation Driver Package x64 MSI repair functionality (installed with FTLinx). Authenticated Windows users can initiate a repair and hijack the console window for vbpinstall.exe, spawning a SYSTEM-level command prompt with full access to files, processes, and syste...

8.5CVSS6.4AI score0.00166EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/14 12:23 p.m.9 views

CVE-2025-9068 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File MSI repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This...

8.5CVSS0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 12:22 p.m.2 views

CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

8.7CVSS6.4AI score0.00554EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 12:22 p.m.6 views

CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

8.7CVSS0.00554EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 12:22 p.m.22 views

CVE-2025-9064

CVE-2025-9064 concerns a path traversal vulnerability in Rockwell Automation’s FactoryTalk View Machine Edition (FTVME) that allows unauthenticated attackers on the same network to delete arbitrary files on the panel OS, contingent on knowing target filenames. Related advisories describe addition...

9.1CVSS6.4AI score0.00554EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/14 12:22 p.m.5 views

EUVD-2025-34184

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted...

8.7CVSS6.3AI score0.00554EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/14 12:20 p.m.7 views

CVE-2025-9063 Rockwell Automation PanelView Plus 7 Performance Series B Authentication Bypass

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

7CVSS0.00366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 12:20 p.m.4 views

CVE-2025-9063 Rockwell Automation PanelView Plus 7 Performance Series B Authentication Bypass

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

7CVSS6.5AI score0.00366EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 12:20 p.m.5 views

EUVD-2025-34185

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...

7CVSS6.4AI score0.00366EPSS
Exploits0References2
Rows per page
Query Builder