CVE-2025-9161
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-10-20
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwellautomation | factorytalk_optix | From 1.5.0 (inc) to 1.6.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the FactoryTalk Optix MQTT broker due to improper URI sanitization, which allows attackers to load remote Mosquitto plugins. This can lead to remote code execution on affected systems, meaning an attacker could run malicious code remotely. [1]
How can this vulnerability impact me? :
The vulnerability can allow attackers to execute code remotely on systems running affected versions of FactoryTalk Optix (1.5.0 through 1.5.7). This could lead to unauthorized control, data compromise, or disruption of operations in environments using this software. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade FactoryTalk Optix to version 1.6.0 or later, where the issue is corrected. If upgrading is not possible, follow Rockwell Automationβs security best practices as no workarounds are available. [1]