Rockwell Automation FactoryTalk View Machine Edition Local Code Execution Vulnerability
Vulnerability
A local code execution vulnerability has been identified in Rockwell Automation's FactoryTalk View Machine Edition, versions prior to 15. The issue arises from a default Windows setting that grants access to the Command Prompt with elevated privileges.
Impact
Exploitation of this vulnerability allows unauthorized users to execute code locally with elevated privileges, potentially leading to unauthorized access or modifications within the system.
Remediation
Users are advised to upgrade to version 15.00 or apply the patch available in AID 1152309. For additional guidance on mitigating security risks in industrial automation control systems, Rockwell Automation recommends following their security best practices.
