cbcvebase.
CVE-2025-9063
published 2025-10-14

Priority: P264 · critical · 9.8 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.37% (28.5th percentile)

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs, and more.

Affected

2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | panelview_plus_7_performance_series_b | | |
| rockwellautomation | factorytalk_view | <= 15.0 | |

Detection & IOCs (extracted from sources)

  • Target product is PanelView Plus 7 Version V14.100 running FactoryTalk View Machine Edition Web Browser ActiveX control — look for unauthorized HTTP/local access attempts to file system, diagnostic info, or event logs on these devices
  • CVE-2025-9063 has a local attack vector (AV:L) with a low privilege requirement — monitor for low-privileged local process activity accessing file system, diagnostic, or event log resources on PanelView Plus 7 Series B devices
  • Affected version is PanelView Plus 7 V14.100 — inventory and flag any devices running this specific firmware version as unpatched and at risk
  • No known public exploitation has been reported as of the advisory date — detection priority should be set accordingly but not deprioritized given critical manufacturing sector exposure
  • The vulnerability is exploited via the Web Browser ActiveX control component; network-isolated deployments reduce but do not eliminate risk given the local attack vector classification

CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 7.0 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |