Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7 Authentication Bypass Vulnerability
Vulnerability
An authentication bypass vulnerability has been identified in the Web Browser ActiveX control of FactoryTalk View Machine Edition. This issue affects PanelView Plus 7 Series B devices running version 14.100. Exploiting this vulnerability allows unauthorized access to the device, including the file system, diagnostic information, event logs, and more.
Impact
Exploitation of this vulnerability leads to unauthorized access to affected PanelView Plus 7 Series B devices, exposing the file system, diagnostic information, event logs, and other sensitive data.
Remediation
Users can update to PanelView Plus 7 Performance Series B version 14.103 or apply the FactoryTalk View ME V15.00 update on ASEM 6300 IPCs. If an update is not possible, the recommended mitigation is to remove the Web Browser ActiveX control.
