Severity
High
Analysis Summary
CVE-2025-9064 CVSS:7.5
Rockwell Automation FactoryTalk View Machine Edition could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted request to delete any file within the panels operating system.
CVE-2025-9063 CVSS:7.3
Rockwell Automation PanelView Plus 7 Performance Series B could allow a remote authenticated attacker to bypass security restrictions, caused by an authentication bypass security issue.
CVE-2025-9068 CVSS:7.8
Rockwell Automation FactoryTalk Linx could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality.
Impact
- Gain Access
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-9064
CVE-2025-9063
CVE-2025-9068
Affected Vendors
Affected Products
- Rockwell Automation FactoryTalk View Machine Edition
- Rockwell Automation PanelView Plus 7 Performance Series B V14.00
- Rockwell Automation FactoryTalk Linx 6.40
Remediation
Refer to Rockwell Automation Security Advisory for patch, upgrade, or suggested workaround information.