Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability (CNVD-2026-10857)
Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Automation. The product is primarily used for small applications to communicate with large automation systems and more. An elevation of privilege vulnerability exists in Rockwell Automation...
CVE-2025-9067 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges...
CVE-2025-9364 Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB
An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data...
CISA Releases Fourteen Industrial Control Systems Advisories
CISA released fourteen Industrial Control Systems (ICS) advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-252-01 Rockwell Automation ThinManager ICSA-25-252-02 ABB Cylon Aspect BMS/BAS...
Rockwell FactoryTalk Linx
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create, update, and delete FTLinx drivers. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Rockwell Automation FactoryTalk Action Manager
RISK EVALUATION Successful exploitation of this vulnerability could allow a local unauthenticated attacker to listen to communications and manipulate the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...
The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows a perpetrator to execute arbitrary code.
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition devices is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability ca...
Rockwell FactoryTalk Batch View < 3.00 Authentication Bypass
The version of Rockwell FactoryTalk Batch View installed on the remote Windows host is prior to 3.00. It is, therefore, affected by a vulnerability. - An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could...
Rockwell FactoryTalk Batch View Installed (Windows)
Binary data rockwellfactorytalkbatchviewinstalled.nbin...
CVE-2024-6326
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders wh...
CVE-2024-37368
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...
The vulnerability of the functionality of the reporting feature of Rockwell Automation’s HMI software FactoryTalk View SE Datalog allows a hacker to gain full access to the data.
The vulnerability of the reporting function of the Rockwell Automation FactoryTalk View SE Datalog software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full access to the data by sending a specially crafted SQL...
Rockwell FactoryTalk Historian Installed (Windows)
Binary data rockwellfactorytalkhistorianinstalled.nbin...
CVE-2024-21915
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...
Rockwell FactoryTalk Services Platform < 6.40 Authentication Bypass
The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.40. It is, therefore, affected by a vulnerability. - A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and u...
Rockwell FactoryTalk Services Platform < 6.20 Privilege Escalation
The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.20. It is, therefore, affected by a vulnerability. - FactoryTalk Services Platform contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security...
Rockwell FactoryTalk Product and Version Enumeration (Windows)
Binary data rockwellfactorytalkwinenuminstalls.nbin...
CVE-2023-46289
Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on June 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-164-01 Datalogics Library Third-Party ICSA-23-164-02 Rockwell Automation FactoryTalk...
Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability
Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation, Inc. that consists of multiple products that provide applications with routine services such as diagnostic information, health monitoring, and real-time data access. A security vulnerabili...