CVE-2025-9068
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-10-24
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwellautomation | factorytalk_linx | to 6.50 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Rockwell Automation Driver Package x64 Microsoft Installer (MSI) repair functionality installed with FactoryTalk Linx. Authenticated attackers with valid Windows user credentials can initiate a repair process and hijack the console window for vbpinstall.exe. This hijacking allows them to launch a command prompt running with SYSTEM-level privileges, which grants full access to all files, processes, and system resources on the affected system. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an authenticated attacker to escalate their privileges to SYSTEM level on the affected system. This means the attacker gains full control over the system, including access to all files, running processes, and system resources. Such access can lead to unauthorized data access, system manipulation, installation of malicious software, and potentially complete compromise of the affected environment. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate steps to mitigate this vulnerability include installing the Microsoft patch that addresses the MSI repair issue and upgrading FactoryTalk Linx to version 6.50 or later. If upgrading is not possible, follow Rockwell Automation's security best practices to reduce risk. [1]