CVE-2025-9064 — CRITICAL (9.1)

Q: How severe is CVE-2025-9064?

CVE-2025-9064 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2025-9064?

Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Factorytalk View.

Vulnerability Description

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rockwellautomation	Factorytalk View	<= 15.0

Related Weaknesses (CWE)

CWE-22 CWE-287

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisoVendor Advisory

FAQ

What is CVE-2025-9064?

CVE-2025-9064 is a vulnerability with a CVSS score of 9.1 (CRITICAL). A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating syst...

How severe is CVE-2025-9064?

CVE-2025-9064 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-9064?

Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Factorytalk View.