Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7972

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.

Published

2025-08-14T15:15:42.413

Last Modified

2025-10-29T20:30:16.047

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses

Type: Secondary
CWE-286

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	factorytalk_linx	< 6.50	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1735.html Vendor Advisory ([email protected])