Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-9161

A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization. This flaw enables the loading of remote Mosquito plugins, which can be used to achieve remote code execution.

Published

2025-09-09T13:15:32.830

Last Modified

2025-10-20T19:11:17.067

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-77

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	factorytalk_optix	< 1.6.0	Yes

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1742.html Vendor Advisory ([email protected])