CVE-2025-7972
Published 2025-08-14
Priority P355 · critical · 9.1 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:H / A:H
EPSS: 0.48% (37.8th percentile)
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
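The bug class described above, shown as an added illustration: this is not Rockwell's code and not part of the advisory. All function names and token values are hypothetical and constructed; the sketch contrasts an authorization check that a runtime environment variable can switch off with one that fails closed.

```javascript
// Hypothetical sketch of the pattern; not FactoryTalk Linx code.
// Token values and driver names below are constructed sample data.
const VALID_TOKENS = new Set(["constructed-token-operator-1"]);

function validateToken(token) {
  return typeof token === "string" && VALID_TOKENS.has(token);
}

// Anti-pattern: the runtime environment decides whether validation runs,
// so whoever can influence the environment controls the auth decision.
function authorizeWeak(req, env) {
  if (env.NODE_ENV === "development") return true; // validation skipped
  return validateToken(req.token);
}

// Fail closed: the environment has no influence on the decision.
function authorizeStrict(req, _env) {
  return validateToken(req.token);
}

// Stand-in for a driver create/update/delete endpoint.
function handleDriverRequest(req, env, authorize) {
  if (!authorize(req, env)) return { status: 401, body: "token rejected" };
  return { status: 200, body: `${req.action} driver ${req.driver}` };
}

// Startup check for deployed builds: surface an unexpected mode loudly
// instead of silently running with relaxed behaviour.
function assertProductionEnv(env) {
  if (env.NODE_ENV !== "production") {
    throw new Error(`refusing to start: NODE_ENV=${env.NODE_ENV}`);
  }
}

// Constructed request carrying a token that is not in VALID_TOKENS.
const demoReq = { token: "not-issued", action: "delete", driver: "sample-driver" };
const devEnv = { NODE_ENV: "development" };
console.log("weak  :", handleDriverRequest(demoReq, devEnv, authorizeWeak).status);
console.log("strict:", handleDriverRequest(demoReq, devEnv, authorizeStrict).status);
```

The environment is passed in as a parameter so both code paths can be exercised in a unit test; a regression test for this class of bug asserts that an invalid token is rejected under every `NODE_ENV` value.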
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | factorytalk_linx | — | — |
| rockwellautomation | factorytalk_linx | < 6.50 | 6.50 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
| nvd | v4.0 | 8.4 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CISA ICS
Rockwell FactoryTalk Linx
cisa_ics·2025-08-14·CVSS 9.1
[CRITICAL] Rockwell FactoryTalk Linx
ICS Advisory
## Rockwell FactoryTalk Linx
Release Date: August 14, 2025
Alert Code: ICSA-25-226-24
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.4
- ATTENTION: Low attack complexity
- Vendor: Rockwell
- Equipment: FactoryTalk Linx
- Vulnerability: Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to create, update, and delete FTLinx drivers.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Rockwell Automation products are affected:
- FactoryTalk Linx: Versions prior to 6.50
## 3.2 VULNERABILITY OVERVIEW
## 3.2.1 IMPROPER ACCESS CONTROL CWE-284
A security issue exists within the Factor
GHSA
GHSA-mhj6-rxgc-8472: A security issue exists within the FactoryTalk Linx Network Browser
ghsa_unreviewed·2025-08-14
CVE-2025-7972 [HIGH] CWE-286 GHSA-mhj6-rxgc-8472: A security issue exists within the FactoryTalk Linx Network Browser
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.