Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB_CVE-2025-9364

8.7 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data.

Basic Information

ID CVE-2025-9364

Source Rockwell

Published Sep 9, 2025 at 12:41

Modified Sep 9, 2025 at 13:36

Affected Product

Vendor Rockwell Automation

Product FactoryTalk® Analytics™ LogixAI®

Version Versions 3.00 and 3.01

Affected Versions Rockwell Automation FactoryTalk® Analytics™ LogixAI® Versions 3.00 and 3.01

CWE Classification

CWE-497

References

www.rockwellautomation.com /en-us/trust-center/security-advisories/advisory.SD1748.html

{
    "lastseen": "",
    "description": "An open database issue exists in the affected product and version. The security issue stems from an over permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and potential alteration of data.",
    "published": "2025-09-09T12:41:23.124Z",
    "modified": "2025-09-09T13:36:31.291Z",
    "type": "cve",
    "title": "Rockwell Automation FactoryTalk\u00ae Analytics\u2122 LogixAI\u00ae Exposed Redis DB",
    "source": "Rockwell",
    "references": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1748.html",
    "id": "CVE-2025-9364",
    "bulletinFamily": "",
    "cwe": [
        "CWE-497"
    ],
    "cvelist": null,
    "sourceData": "Rockwell Automation FactoryTalk\u00ae Analytics\u2122 LogixAI\u00ae Versions 3.00 and 3.01",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FactoryTalk\u00ae Analytics\u2122 LogixAI\u00ae",
    "version": "Versions 3.00 and 3.01",
    "vendor": "Rockwell Automation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}