Rockwell Automation FactoryTalk ViewPoint XXE to Denial-of-Service Vulnerability

Vulnerability

A vulnerability allowing unauthenticated attackers to exploit XML External Entity (XXE) processing has been identified in FactoryTalk ViewPoint. This issue arises from certain SOAP requests that can be manipulated to perform XXE, leading to a temporary denial-of-service condition.

Impact

Exploitation of this vulnerability causes a temporary denial-of-service condition.

Added: Oct 14, 2025, 1:20 PM

Updated: Oct 14, 2025, 11:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Rockwell Automation FactoryTalk ViewPoint XXE to Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating