Rockwell Automation this week published several advisories describing critical- and high-severity vulnerabilities recently discovered in its products.
The industrial automation giant has informed customers about critical vulnerabilities in FactoryTalk, Micro800, and ControlLogix products.
In the FactoryTalk Linx Network Browser, the vendor fixed CVE-2025-7972, a flaw that allows an attacker to disable FTSP token validation, which can be used to create, update, and delete FTLinx drivers.
In the case of Micro800 series PLCs, Rockwell resolved three older vulnerabilities affecting the Azure RTOS open source real-time operating system. The security holes can be exploited for remote code execution and privilege escalation. In addition to the Azure RTOS issues, the company has addressed a DoS vulnerability.
In ControlLogix products, Rockwell patched a remote code execution vulnerability tracked as CVE-2025-7353.
The list of high-severity flaws includes two DoS issues in FLEX 5000, a code execution vulnerability in Studio 5000 Logix Designer, web server issues in ArmorBlock 5000, a privilege escalation in FactoryTalk ViewPoint, and an information exposure issue in FactoryTalk Action Manager.
None of these vulnerabilities have been exploited in the wild, according to Rockwell Automation.
The cybersecurity agency CISA has also published advisories for these vulnerabilities to inform organizations about the potential risks.