Rockwell Automation Factorytalk Linx vulnerabilities
4 known vulnerabilities affecting rockwell_automation/factorytalk_linx.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-29464P3CRITICALCVSS 9.1v6.20v6.302023-10-13
CVE-2023-29464 [CRITICAL] CWE-20 CVE-2023-29464: FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common ind
nvd
CVE-2025-7972P3CRITICALCVSS 9.1vAll prior to 6.502025-08-14
CVE-2025-7972 [CRITICAL] CWE-286 CVE-2025-7972: A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NO
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
nvd
CVE-2025-9067P3HIGHCVSS 7.8v6.40 and prior2025-10-14
CVE-2025-9067 [HIGH] CWE-269 CVE-2025-9067: A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authen
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and syst
nvd
CVE-2025-9068P3HIGHCVSS 7.8v6.40 and prior2025-10-14
CVE-2025-9068 [HIGH] CWE-269 CVE-2025-9068: A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (
A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYS
nvd