Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-9064

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.

Published

2025-10-14T13:15:39.643

Last Modified

2025-10-28T15:20:33.767

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses

Type: Secondary
CWE-287
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	factorytalk_view	≤ 15.0	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1753.html Vendor Advisory ([email protected])