CVE-2025-9064

Rockwell Automation FactoryTalk View Machine Edition Path Traversal

CVSS 8.7 HIGHEPSS 0.6%CWE-287

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.7EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

14 out 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Rockwell Automation · FactoryTalk View Machine Edition

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1753.html