Rockwell Automation FactoryTalk Linx Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the x86 Microsoft Installer (MSI) file associated with FactoryTalk Linx, versions 6.40 and prior. An authenticated attacker with valid Windows user credentials can initiate a repair process and hijack the resulting console window. Exploitation lets the attacker launch a command prompt with SYSTEM-level privileges, granting full access to all files, processes, and system resources.

Impact

Exploitation of this vulnerability allows privilege escalation to SYSTEM level, giving the attacker full control over the affected system's files, processes, and resources.

Remediation

Users are advised to upgrade to FactoryTalk Linx version 6.50 or later. For those unable to upgrade, Rockwell Automation recommends following its security best practices.
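
To find hosts that still need the upgrade, the following inventory check is an added example, not code from Rockwell Automation or from this advisory. It assumes the product registers a DisplayName containing "FactoryTalk Linx" under the standard Windows Uninstall registry keys; the pattern and the helper name Test-LinxVersion are illustrative.

```powershell
# Added example: flag FactoryTalk Linx installs older than the fixed release.
# Assumption: the product's Uninstall entry has a DisplayName containing
# "FactoryTalk Linx"; adjust $NamePattern to match your own inventory.
$NamePattern  = '*FactoryTalk Linx*'
$FixedVersion = [version]'6.50'   # first fixed release per the advisory

# The affected installer is an x86 MSI, so check the 32-bit (WOW6432Node)
# registry view as well as the native one.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Test-LinxVersion {
    param([string]$DisplayVersion)
    # Keep only the leading dotted-numeric part, e.g. "6.40.00 extra text" -> "6.40.00".
    # Missing or non-numeric versions are reported as Unknown, not silently passed.
    if ($DisplayVersion -notmatch '^\s*(\d+(\.\d+){1,3})') { return 'Unknown' }
    $installed = [version]$Matches[1]
    if ($installed -lt $FixedVersion) { 'Affected' } else { 'Fixed' }
}

$findings = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        [pscustomobject]@{
            Computer       = $env:COMPUTERNAME
            DisplayName    = $_.DisplayName
            DisplayVersion = $_.DisplayVersion
            Status         = Test-LinxVersion $_.DisplayVersion
            RegistryKey    = $_.PSPath -replace '^.*::', ''
        }
    }

$findings | Sort-Object Status, DisplayName | Format-Table -AutoSize

# A non-zero exit code lets a scheduled task or management tool raise an alert
# when any matching install is Affected or has an unparseable version.
if ($findings | Where-Object Status -ne 'Fixed') { exit 1 }
```

Entries reported as Unknown need manual review, since their version string could not be compared against 6.50.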

Added: Oct 14, 2025, 1:19 PM
Updated: Oct 14, 2025, 11:32 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 10.0
exploitability: 3.5
remediation: 8.3
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.