Rockwell Automation FactoryTalk View Machine Edition Path Traversal_CVE-2025-9064

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.

AI Analysis

AI processing failed - returned non-JSON response

Basic Information

ID CVE-2025-9064

Source Rockwell

Published Oct 14, 2025 at 12:22

Affected Product

Vendor Rockwell Automation

Product FactoryTalk View Machine Edition

Version V15.00 and prior

Affected Versions Rockwell Automation FactoryTalk View Machine Edition V15.00 and prior

CWE Classification

CWE-287

References

www.rockwellautomation.com /en-us/trust-center/security-advisories/advisory.SD1753.html

{
    "lastseen": "",
    "description": "A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.",
    "published": "2025-10-14T12:22:36.551Z",
    "modified": "2025-10-14T12:22:36.551Z",
    "type": "cve",
    "title": "Rockwell Automation FactoryTalk View Machine Edition Path Traversal",
    "source": "Rockwell",
    "references": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1753.html",
    "id": "CVE-2025-9064",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "Rockwell Automation FactoryTalk View Machine Edition V15.00 and prior",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FactoryTalk View Machine Edition",
    "version": "V15.00 and prior",
    "vendor": "Rockwell Automation",
    "ai_description": "AI processing failed - returned non-JSON response",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}